Twitter says it used your 2FA info to advertise by accident

Cartoon image of a sperm whale being held aloft by balloons

Cartoon image of a sperm whale being held aloft by balloons

In that case, the Federal Trade Commission alleged Facebook deceived users because it "did not disclose, or did not adequately disclose" that phone numbers provided through its security tool for the goal of two-factor authentication "also would be used by Facebook to target advertisements to those users".

The company issued a statement saying that the misuse of that information was a "mistake" and was "inadvertent".

Twitter says it mistakenly used the phone numbers and email addresses people provided for security purposes to show advertisements to its users.

Those tools let advertisers aim a specific ad at a customer based on their own marketing lists.

It said that the account security contact information had not been disclosed to third parties, but could not say how many users had been affected.

The Partner Audiences advertising system, on the other hand, makes it possible for advertisers to target users from lists provided by third-party partners.

Eagles announce the 2020 Hotel California tour
Hotel California is the third best-selling USA album in history, certified 26-times Platinum by the RIAA. After an intermission, they'll return with an entire additional set of the band's other greatest hits .

A Twitter security feature may've wound up costing people their data privacy, the company said in a statement Tuesday.

Twitter users' phone numbers and email addresses - submitted to allow for account authentication - were matched with advertisers' own data to enable targeted ads.

The company said it had decided to "make everyone aware" of the issue given it was unable to narrow down exactly which accounts may have been impacted. Infosec professionals warned that it could lead people to distrust and ultimately abandon 2FA security on accounts.

That information is supposed to be used exclusively for account protection purposes, but Twitter said advertisers were able to tap the phone numbers to target commercials, through the company's "Tailored Audiences" and "Partner Audiences advertising system".

Something similar happened a year ago when, as Gizmodo's Kashmir Hill discovered, Facebook built complex advertising profiles for all its users containing everything from their two-factor authentication phone numbers to info harvested from their friends' profiles.

Recommended News

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.