Twitter has admitted to “inadvertently” using personal data like email addresses and phone numbers for targeted advertising.
The blunder meant that when a user handed over this data for security purposes – eg two-factor authentication – it was instead used by Twitter’s ad services.
“We cannot say with certainty how many people were impacted by this, but in an effort to be transparent, we wanted to make everyone aware,” the company said in a statement.
“No personal data was ever shared externally with our partners or any other third parties.
“As of September 17, we have addressed the issue that allowed this to occur and are no longer using phone numbers or email addresses collected for safety or security purposes for advertising.”
It’s not the first time Twitter has been forced to make such a statement.
Earlier this year, the company admitted to another security issue around mobile ads.
Additionally, the account of company CEO Jack Dorsey was hacked and sent a series of racist tweets in August.