Twitter ‘Very Sorry’ It Misused Security Data For Ads

Twitter (via geralt/Pixabay)

Twitter has apologized for “inadvertently” sharing users’ personal information for advertising purposes.

Phone numbers and email addresses provided for security features like two-factor authentication have been exploited by third-party advertisers.

“We cannot say with certainty how many people were impacted by this,” the social network said. “But in an effort to be transparent, we wanted to make everyone aware.”

We recently found that some email addresses and phone numbers provided for account security may have been used unintentionally for advertising purposes. This is no longer happening and we wanted to give you more clarity around the situation: https://t.co/bBLQHwDHeQ

— Twitter Support (@TwitterSupport) October 8, 2019

Specifically, data was used in Twitter’s Tailored Audiences and Partner Audiences systems, which allow advertisers to target ads based on marketing lists compiled by the business itself or third-party partners.

“When an advertiser uploaded their marketing list, we may have matched people on Twitter to their list based on the email or phone number the … account holder provided for safety and security purposes,” Twitter admitted. “This was an error and we apologize.”

On the plus side, no personal data was ever shared externally, according to the company.

It’s unclear when Twitter first recognized the problem; as of Sept. 17, it has “addressed the issue” and is no longer using phone numbers or email addresses collected for safety purposes in advertising.

“We’re very sorry this happened and are taking steps to make sure we don’t make a mistake like this again,” the firm said.

Twitter introduced two-factor authentication in 2013, ensuring that if someone wants to hijack your account, they’ll need more than just a stolen password.

This isn’t the first time the popular security function has been abused.

Facebook landed in hot water last year when it confessed to using 2FA phone numbers for ad targeting.

Then, in March, it was revealed that “hundreds of millions” of Facebook user passwords have been stored in plain text for as long as seven years.

As Zuckerberg & Co. can attest, privacy breaches are a serious matter: The platform was recently slapped with a $5 billion fine following the Cambridge Analytica scandal.

More on Geek.com:

• Raspberry Pi Adds 2-Factor Authentication to a Safe
• Huge JPMorgan Hack Happened Because the Bank Forgot to Use Two-Factor Authentication
• Twitter’s New Website Mirrors Its Mobile App

from Geek.com https://ift.tt/2LYGMdb
via IFTTT