Twitter revealed this week that phone numbers and email addresses submitted by some of its users to improve their security on the site may have been inadvertently used for advertising purposes.
In a message posted online on Tuesday, October 8, the San Francisco-based company said that the data may have been used in a way that enabled targeted ads to be served to some users on its site.
But it insisted that at no point had any personal data had been shared externally with its partners or any other third parties.
Explaining what happened, Twitter said that when an advertiser uploaded their marketing list, “we may have matched people on Twitter to their list based on the email or phone number the Twitter account holder provided for safety and security purposes,” adding, “This was an error and we apologize.”
But the message declined to go into details about how the blunder occurred.
Twitter said that it put a block on the practice on September 17, meaning that phone numbers and emails collected by Twitter for security purposes no longer have any connection with targeted ads served on the site.
In its message, Twitter said it couldn’t be sure how many users had had their data used for advertising purposes. It also failed to say how long the practice had been taking place or if those affected would have been aware of the fact. We’ve reached out to the company for more information and will update this article if we hear back.
We recently found that some email addresses and phone numbers provided for account security may have been used unintentionally for advertising purposes. This is no longer happening and we wanted to give you more clarity around the situation: https://t.co/bBLQHwDHeQ
— Twitter Support (@TwitterSupport) October 8, 2019
Social media sites like Twitter are coming under increasing scrutiny over how they handle data that’s been provided by users.
Just a few months ago, Twitter apologized for inadvertently collecting location data from some of its users and sharing it with an advertising partner.
As with its latest lapse, it couldn’t say how many users had been affected or how long it took to spot the error.