Is it? Can't people read your DMs on Mastodon as well? If that is your concern then seems like all things are equal. I'm being somewhat obtuse but I don't see how Mastodon is a reasonable replacement for Twitter.
Unless a service or protocol provides end-to-end encryption, you should not use its messaging features for anything truly sensitive.
And no, this is not equal. The Hive authors seem to have completely failed to implement authorization for their API, allowing (it seems) anyone with a valid auth token to make a request as any other user, granting everyone access to everyone else's data.
This is a "car company doesn't know what seat belts are" level of incompetence.
