Oooooops!
Tech media today is reporting a major security fail within the offices of Twitter, a firm with an interesting background in social media and one of the bigger platforms in today’s user toolkit.
Revelations from internal sources show that when Twitter tried to aggregate customer data for security purposes, that data, according to a Twitter statement, “may have inadvertently been used for advertising purposes…”
Two-factor authentication is now a common part of doing business on the web. It was intended to replace strong and weak password systems that were often exploited by hackers. In other words, if you verify your authentication through your secondary device, it’s very unlikely that a hacker will be able to simulate that activity, and so your platform is safer.
However, you’re not supposed to let that secondary information get out to third parties!
The extent of this error gets worse with today’s industry context – if you were going to pick a time to inadvertently release sensitive customer information, it might not be great to do it at a time when the nation’s biggest tech companies are facing probes not only for antitrust issues, but for security and privacy issues as well.
Twitter’s leadership is on the vanguard of some fintech phenomena – the CEO is enthusiastic about cryptocurrencies and savvy about the ways that digital assets can change the marketplace. But Twitter seems to be at least a little bit asleep at the wheel with data breaches that were really self-enforced errors.
Twitter specifies that the problem came through tracking Twitter account holder phone numbers to a tool called “Tailored Audiences” that is connected to an ad targeting platform.
“We’re very sorry this happened and are taking steps to make sure we don’t make a mistake like this again,” wrote Twitter spokespersons.
That doesn’t sound like it would be enough for internal damage control – not even close. Data breaches are one of the most frightening events that executive leadership of a significantly sized company can anticipate.
Watch this space to see how Twitter navigates this rather large data privacy issue.
