In yet another breach of user privacy by a large social media network, Twitter admitted on Tuesday that a number of users' emails and phone numbers may have been misused by the company and "inadvertently" used for ad purposes. It also said no user data was shared externally with marketing partners or other third-parties.
"When an advertiser uploaded their marketing list, we may have matched people on Twitter to their list based on the email or phone number the Twitter account holder provided for safety and security purposes", said Twitter.
In March, Facebook was highly criticised for using numbers and email addresses submitted for two-factor authentication to target advertising.
Twitter has revealed it used email addresses and phone numbers provided by users for account safety and security purposes to tailor advertisements.
The micro-blogging site said the matter was rectified on September 17.
If you have any questions about your data and how Twitter used it, you can fill out a Data Protection Enquiry Form to get a response from Twitter.
In a statement, Twitter said it "cannot say with certainty how many people were impacted".
Other prominent online services, such as Google, don't require users to provide phone numbers to use non-SMS-based 2FA. It also informed users of Twitter's Android smartphone app that a system issue turned off a setting that made their tweets private.
This language, in which Twitter calls the error, "the issue that allowed this to occur", is way too passive.
Twitter assures users that no "personal" information was shared, though we're not sure what Twitter would consider "personal information" if your phone number and email address do not meet the bar.
In an examination of Northeastern University previous year, researchers found that after a person gave a phone number to Facebook for two-factor authentication purposes or log-in alerts, that phone number was targeted by advertisers within a few weeks.