Twitter has admitted that it has been using phone numbers and email addresses that its users have provided to enable two-factor security for advertising purposes.
In a statement, Twitter revealed that this was “inadvertently” done by its Tailored Audiences advertising program.
- How to download videos from Twitter
- Can Facebook and Twitter exist without fake news and trolling?
- Best social media management tools of 2019: apps for managing and marketing
“We recently discovered that when you provided an email address or phone number for safety or security purposes,” the statement explains, “this data may have inadvertently been used for advertising purposes, specifically in our Tailored Audiences and Partner Audiences advertising system.”
The Tailored Audiences system is used by advertisers to target adverts to potential customers based on lists that the advertisers have created (phone numbers and email addresses, usually).
Meanwhile, Partner Audiences provides those same features to advertisers, but the lists are created by third parties. According to Twitter, “When an advertiser uploaded their marketing list, we may have matched people on Twitter to their list based on the email or phone number the Twitter account holder provided for safety and security purposes.”
This is, of course, a big breach of trust – and security – on Twitter’s part. People have added secondary email addresses and their phone numbers to help secure their accounts. So, for example, if you log in to your Twitter account on a new PC, Twitter will send an email or text to your secondary email or phone number to confirm its you.
In no way are these additional email and phone numbers supposed to be passed on to other companies to be used for advertising or other purposes.
Twitter claims it doesn’t know how many people were impacted by this, but it promises that no personal data was shared externally with partners or third parties.
It also claims that the issue has been fixed as of September 17, but it's only now made the issue public.
Twitter repeatedly apologizes for this transgression in its statement, but it’s bound to impact trust between its users and the social media platform. However, despite this breach of trust, we still recommend leaving two-factor authentication turned on for the additional security it provides.
Hopefully, Twitter has learned from this mistake and will not allow it to happen again.
- Not convinced? Here’s how to delete Twitter for good
Get daily insight, inspiration and deals in your inbox
Get the hottest deals available in your inbox plus news, reviews, opinion, analysis and more from the TechRadar team.
Matt is TechRadar's Managing Editor for Core Tech, looking after computing and mobile technology. Having written for a number of publications such as PC Plus, PC Format, T3 and Linux Format, there's no aspect of technology that Matt isn't passionate about, especially computing and PC gaming. Ever since he got an Amiga A500+ for Christmas in 1991, he's loved using (and playing on) computers, and will talk endlessly about how The Secret of Monkey Island is the best game ever made.