Twitter admitted yesterday that it “unintentionally” used some email addresses and phone numbers for advertising purposes. These phone numbers were specifically used to keep your account safe with two-factor authentication.
We recently discovered that when you provided an email address or phone number for safety or security purposes (for example, two-factor authentication) this data may have inadvertently been used for advertising purposes, specifically in our Tailored Audiences and Partner Audiences advertising system.
This is exactly why SMS-based two-factor authentication needs to go away. SMS is inherently insecure, as the FBI recently noted. Funnily enough, I recently removed my phone number from Twitter, although it’s probably too late.