The L.A. Times and now, Mashable are reporting that a security hole in Twitter allows protected tweets to be indexed by Google. After looking into the matter, we have determined that Google is not displaying protected tweets but rather indexing all public tweets, some from accounts that are now protected.
At first glance, there seems to be a hole in Twitter's protected tweet security, with the prime example being tweets, supposedly written by Bill Clinton showing up on the search engine. However, the tweets that appear here belong to "Fake Bill Clinton" from when he owned the @billclinton username and the account was private. One of the tweets that is indexed by Google under @billclinton can be found, migrated to @notbillclinton's account here.
It appears that all Twitter users whose accounts have been protected since they opened them are in no danger of their tweets being indexed. It appears that if, at some point, the profile was public, then the tweets made during that time continue to live in Google's index.
This incident was definitely a scare for users with protected accounts who value their privacy on the site highly and have placed some degree of trust in Twitter to keep their tweets safe. Twitter has had some security concerns in the past, withand before that with . Since the "protected tweets exposed" fiasco is essentially a non-issue, it appears that Twitter has the service's security under control for the time being. Privacy and trust are big issues for companies like Twitter and had this been a real issue, surely many users would have felt betrayed.