Twitter "inadvertently" used phone numbers and email addresses its users provided for account security purposes to target ads, the company said Tuesday.
In July, the Federal Trade Commission (FTC) said Facebook had broken the law when it engaged in a similar practice. The FTC fined Facebook $5 billion for that and a litany of other instances where it mishandled user data.
Twitter users are asked to provide information like their phone number to help secure their account through services such as two-factor authentication.
"We cannot say with certainty how many people were impacted by this, but in an effort to be transparent, we wanted to make everyone aware," the company said in a blog post Tuesday. It said no personal data had been shared externally.
"We're very sorry this happened and are taking steps to make sure we don't make a mistake like this again," the company added.
Phone numbers provided to Twitter for the purpose of two-factor authentication were recently exposed as a hacking vulnerability as well. A hacker or hackers were able to tweet from the account of CEO Jack Dorsey by convincing Twitter's systems that they had his phone and were texting the tweets to his account.
- Twitter used phone numbers gathered for account security to sell ads
- Oregon State Police creates new phone number
- Twitter explains why it hasn't suspended Trump's account
- Twitter CEO Jack Dorsey was hacked Friday. Here's how to safeguard your Twitter account
- Facebook under fire for phone number look-up feature
- Lawsuit claims AT&T created fake accounts to juice DirecTV Now subscription numbers
- Thurston community gathers for vigil
- WhatsApp reveals major security flaw that could let hackers access phones
- FTC reports a sharp increase in phone scams from criminals impersonating IRS, Social Security
- Electronic logging devices hold truckers accountable