Twitter says it recently discovered that when you provided an email address or phone number for safety or security purposes (for example, two-factor authentication) this data may have inadvertently been used for advertising purposes.
The data were used by Twitter's Tailored Audiences, a version of an industry-standard product that allows advertisers to target ads to customers based on the advertiser's own marketing lists (e.g., email addresses or phone numbers they have compiled). Partner Audiences allows advertisers to use the same Tailored Audiences features to target ads to audiences provided by third-party partners. When an advertiser uploaded their marketing list, Twitter may have matched people on the micro-blogging network to their list based on the email or phone number the Twitter account holder provided for safety and security purposes.
"This was an error and we apologize," Twitter said.
Twitter cannot say with certainty how many people were impacted by this. The company says that no personal data was ever shared externally with its partners or any other third parties. As of September 17, Twitter has addressed the issue that allowed this to occur and are no longer using phone numbers or email addresses collected for safety or security purposes for advertising.