Twitter users who provided an email address or phone number, as a form of two-factor authentication, could have “inadvertently been used for advertising purposes,” Twitter reveals.
In a blog post, the social media giant indicated that the data could have specifically been used in its Tailored Audiences and Partner Audiences advertising system.
Tailored Audiences is a version that allows advertisers to target ads to users based on the advertisers’ own marketing lists, which would include email addresses or phone numbers, Twitter noted.
It indicated that Partner Audiences allows advertisers to use the features in Tailored Audiences to target ads to users provided by third-party partners.
“When an advertiser uploaded their marketing list, we may have matched people on Twitter to their list based on the email or phone number the Twitter account holder provided for safety and security purposes,” Twitter said. “This was an error and we apologize.”
Twitter said it was not certain how many people were impacted by this, but “wanted to make everyone aware.”
The social media giant noted that no personal data was shared externally with partners or third-parties.
It added that as of September 17th, it addressed the issue and are “no longer using phone numbers or email addresses collected for safety or security purposes for advertising.”
“We’re very sorry this happened and are taking steps to make sure we don’t make a mistake like this again,” Twitter said, adding that if users had any questions to contact Twitter’s Office of Data Protection.