Twitter on Tuesday disclosed that it “inadvertently” used phone numbers and email addresses users provided for security purposes to deliver targeted ads.
The social media company said information that users had provided for two-factor security authentication — additional credentials used to verify members in case of a breach — was used by advertisers to match members to their own marketing lists. Twitter did not disclose how many of its 300-million-plus users were affected.
“We cannot say with certainty how many people were impacted by this, but in an effort to be transparent, we wanted to make everyone aware,” read a company release.
Twitter said it fixed the issue as of September 17. The company also said it did not share personal data with advertisers or other third parties.
Marketers are permitted to use data that social media users intentionally disclose in accounts — in the form of tweets and profile information — to deliver targeted ads in promoted tweets. But they’re not supposed to have access to information used to secure accounts, according to CNET senior producer Dan Patterson.
Read more at CBSNews.com.