Hive Social recently shut down its servers after security researchers discovered severe security vulnerabilities that put users’ private data at risk. According to German cybersecurity firm Zerforschung, the flaw was serious enough that hackers could access all personal data for all 2 million-plus users, including names, email addresses, and phone numbers, as well as all private messages — even those previously deleted from chats. There’s no evidence of such a hack, but it’s still a massive security issue.
In response to Zerforschung’s discovery, Hive Social’s team shut down its servers, thus disabling the app, while the vulnerabilities are patched. On Wednesday, Hive posted an official statement (ironically on Twitter) saying the app will be “offline for a couple of days while we fix this for a better and safer experience.” It remains offline at the time of this writing.
The Hive team has become aware of security issues that affect the stability of our application and the safety of our users. Fixing these issues will require temporarily turning off our servers for a couple of days while we fix this for a better and safer experience pic.twitter.com/wOgW7ga9xN
— Hive (@TheHIVE_Social) December 1, 2022
To be fair, Hive Social is operated by an extremely small team that likely wasn’t expecting to see a massive influx of users after Elon Musk bought Twitter. Many Hive Social features are still in development, and even the Hive Android app is a buggy work in progress — but that’s to be expected of a tiny app like this.
However, these issues confirm suspicions leveled by some users over Hive’s security. The app lacks important features like two-factor authentication, the Android app is buggy, and clearly, the servers need stronger safeguards.
Hopefully, Hive comes back stronger and safer. Personally, of the many Twitter alternatives cropping up, Hive is my favourite — even with its shoddy Android app. But if you take your data security seriously, it’s best to avoid Hive for the foreseeable future.
That’s not to say you should jump to Post, Mastodon, or other apps hoping to replace Twitter instead. They all have their issue and caveats, too. More importantly, Hive’s security woes are a lesson on why you shouldn’t fork over your personal data to a new, untested app — no matter how exciting it is. But it also doesn’t mean you should trust Twitter, either.
Earlier this week, the beleaguered social media app suffered its own massive security breach that compromised the personal data of millions of users. Yet unlike Hive, Twitter has not made a statement on the hack, nor its plans to fix the vulnerabilities that enabled it. I know Musk has chopped the company’s staff down considerably, but if Hive’s tiny team can fess up to the issues and take steps to fix them, we should expect the same from a large, established company like Twitter.
So, where should you post?
I empathise with the desire to jump the Twitter ship. Twitter, like all social media, is a resource many of us rely on in our personal and professional lives, but it’s also a nightmare realm seemingly headed toward total implosion. It was before Musk’s takeover, and the billionaire’s direction is only accelerating the process. So of course people, want somewhere else to post.
Unfortunately, until one of these new apps finally emerges as a safe and comprehensive Twitter alternative (and I’m personally pulling for Hive), the safest option is to avoid all of these apps for now and see which pulls ahead. That’s not a viable option for everyone, of course, so if you do use these apps, practice safe data hygiene — use unique passwords secured with a password manager, limit how much personal data you give these apps, and enable extra security options like 2FA whenever possible.