X (Twitter) — Data Breach

moderate

May 13, 2019→Oct 8, 2019

Twitter admitted that phone numbers and email addresses provided by users for two-factor authentication had been inadvertently used for advertising targeting since 2014. The company said it had matched security contact information to advertiser audience lists through its Tailored Audiences system, affecting an estimated 140 million users. This practice later formed the basis of the FTC's $150 million fine in 2022.

Post LinkedIn Reddit Email

data-collection advertising enforcement data-breach consent-decree

Sources

Twitter Blog: Information on How We Addressed Security Contact Data
TechCrunch: Twitter Used 2FA Phone Numbers for Targeted Advertising

Full diff not available for this historical entry.

Detailed line-by-line diffs will be generated automatically for future policy changes detected by the scraper.