Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Twitter Again Admits Sharing User Data Without Permission

Twitter admitted this week that it may have accidentally shared some users’ data with third parties without permission.

Twitter admitted this week that it may have accidentally shared some users’ data with third parties without permission.

The company said it identified two issues. One of them is related to the mobile app and it may have resulted in data being shared with trusted advertising and measurement partners.

The impacted data was collected when users viewed or clicked on an ad from the mobile application, and it included country code, information about the advertisement, and whether the user engaged with the ad and when. The social media giant has determined that the problem existed in the mobile application since May 2018.Twitter shares user data without permission

The second issue was related to information collected by Twitter about a user’s browser and device.

“As part of a process we use to try and serve more relevant advertising on Twitter and other services since September 2018, we may have shown you ads based on inferences we made about the devices you use, even if you did not give us permission to do so,” Twitter said.

In this case, the company said the data stayed within Twitter, and it did not include passwords, email addresses or other types of highly sensitive information.

Twitter provides settings that allow users to control how their data is shared, but in this case the settings choices did not work and the data was shared even if the user did not give the company permission to do so.

Twitter said it addressed the issues on August 5, but it’s still trying to determine how many users were impacted. In the meantime, the company says users do not need to take any action in response to the incident, other than checking their settings.

“You trust us to follow your choices and we failed here. We’re sorry this happened, and are taking steps to make sure we don’t make a mistake like this again,” Twitter said.

Advertisement. Scroll to continue reading.

This is the second time in recent months that Twitter has admitted inadvertently sharing user data with third parties. In May, the company informed users that a bug in the Twitter app for iOS resulted in location data being collected and shared with an advertising partner.

Related: Bug Exposed Direct Messages of Millions of Twitter Users

Related: New Twitter Rules Target Fake Accounts, Hackers

Related: Bug Gives Twitter Apps More Permissions Than Shown

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Software giant Atlassian has named David Cross as its new CISO.

Dan Pagel has been named the new CEO of risk management and remediation firm Brinqa.

The City of Phoenix has promoted Mitch Kohlbecker to the role of Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.