Twitter has issued a mea culpa after realizing that phone numbers and email addresses provided by users for “security purposes” had been accidentally handed to marketers, helping them target advertisements online

The company admitted the error in a blog post on Tuesday, stating that the user information was unintentionally mixed up with its targeting advertisement program, known as “Tailored Audiences.”

“We recently discovered that when you provided an email address or phone number for safety or security purposes (for example, two-factor authentication) this data may have inadvertently been used for advertising purposes,” the company said, adding “This was an error and we apologize.”

Also on rt.com ‘Time to throw away the phone’: DoorDash hackers stole data on nearly 5 million users

Twitter users may have been “matched” to advertiser marketing lists based on the phone and email information provided for “two-step authentication,” a security feature that requires a user provide additional credentials beyond the typical email and password before they can log in.

While the company says it fixed the error in mid-September, it “cannot say with certainty” just how many of its 126 million daily users may have been served up to advertisers, using their information without permission.

Also on rt.com Facebook privacy breach: Hundreds of millions of users’ phone numbers exposed

Twitter is not the only social media platform to accidentally hand out troves of user data in recent weeks. Last month, some 419 million phone numbers were left exposed on an unprotected Facebook server, leaving countless users vulnerable to spam calls, as well as more serious security breaches.

Like this story? Share it with a friend!