Twitter, which uses phone numbers for two-factor authentication, appears to have unintentionally used it for more than just secure your account. The social network recently learned that phone numbers and email addresses that were provided for safety and security, including two-factor authentication, might have been used for ad purposes.
Twitter took to its official Twitter Support page and posted, "We recently found that some email addresses and phone numbers provided for account security may have been used unintentionally for advertising purposes. This is no longer happening and we wanted to give you more clarity around the situation."
Advertisers on the social media app can customise promos based on uploaded marketing lists and Twitter may have inadvertently matched people on those lists based on phone digits and email addresses that were supposed to have been off-limit. According to Twitter, "This was an error."
Twitter maintained that it never shared "personal data" with partners or outsiders and it had resolved the problem, as of September 17. Furthermore, it is "taking steps" to ensure that it does not happen again. However, Twitter is unaware of how many people might have been affected by it and is reporting the incident primarily to be "transparent" about what happened.
The incident is reminiscent of the time when Facebook caught flak just over a year earlier for using phone numbers for ad targeting. And while Twitter intended to use the phone numbers or not, one cannot deny the fact that the social media platform was using sensitive account details for ad targeting without the knowledge of users of their permission.