After exposing private tweets, plaintext passwords, and personal information for hundreds of thousands of its users, here is a new security blunder social networking company Twitter admitted today.
Twitter announced that the phone numbers and email addresses of some users provided for two-factor authentication (2FA) protection had been used for targeted advertising purposes—though the company said it was ‘unintentional.’
In a blog post, the company said an ‘error’ in its ‘Tailored Audiences and Partner Audiences advertising system’ inadvertently used the information provided by users for security reasons to run targeted ads based on the advertisers’ own marketing lists.
“When an advertiser uploaded their marketing list, we may have matched people on Twitter to their list based on the email or phone number the Twitter account holder provided for safety and security purposes. This was an error and we apologise,” Twitter said in a blog post.
images from Hacker News