Twitter just followed Facebook's stead, by misusing its users' personal information. (Image via TechCrunch)

Twitter admits using users' e-mail address for ads

Instead of security, Twitter users had to face the truth that social media used their two-factor authentication requirements: phone numbers and e-mail addresses, for targeted ads. Twitter did not give up any date when they found out about the problem but hinted that it was 17 September, more than two weeks ago.

Of course, the users did not want to receive these ads at first. However, due to the information sharing, the third-party could use the information to promote their unwanted apps to Twitter users.

While on late Tuesday, Twitter said that they could not measure how many people got affected by the issue, the number might reach worldwide as Twitter has 139 million users worldwide accessing the social media platform daily.

Europe’s General Data Protection Regulation (GDPR) stated that the users should have been notified if their personal information had been used for other reasons than security.

By obtaining the phone numbers and e-mail addresses of Twitter users, third-party marketers can match their marketing list databases with the e-mail addresses and phone numbers and send advertisements for those who are already familiar with the products.

While two-factor authentication makes it more difficult for crackers and hackers to manipulate the account, Twitter wrongly used this information for tailored advertising.

The problem put Twitter on the same boat with its old rival, Facebook, who also got caught red-handed using phone numbers and e-mail addresses for tailored advertising. Facebook got fined US$5 billion and was prohibited from using phone numbers as a requirement for the authentication.

The difference between Facebook and Twitter regarding the matter was that Facebook showed no remorse about it.

This incident marked another security problem faced by Twitter. From storing passwords in a plaintext format to the location data leak, the latest was when Twitter’s CEO, Jack Dorsey, found his account hacked.