Twitter tweeted via its support account on Tuesday that it had “unintentionally” used customer contact data that had been provided for account security for advertising purposes.
The tweet links to a more detailed explanation about the issue, explaining that “when you provided an email address or phone number for safety or security purposes (for example, two-factor authentication) this data may have inadvertently been used for advertising purposes, specifically in our Tailored Audiences and Partner Audiences advertising system.”
Tailored Audiences is a Twitter feature that is designed to allow advertisers to target ads to customers based on the advertiser’s marketing list. Partner Audiences operated in a similar way.
“When an advertiser uploaded their marketing list, we may have matched people on Twitter to their list based on the email or phone number the Twitter account holder provided for safety and security purposes. This was an error and we apologize,” wrote Twitter.
Twitter says it “cannot say with certainty” how many Twitter users were affected, but that “no personal data was ever shared externally with our partners or any other third parties,” and issued an apology:
“We’re very sorry this happened and are taking steps to make sure we don’t make a mistake like this again. If you have any questions, you may contact Twitter’s Office of Data Protection through this form.”