The ‘unintentional’ use of user email addresses and phone numbers for targeted advertising has prompted an apology from Twitter.
Twitter has confirmed that third party advertisers could have targeted certain users using these details, which have been provided for security purposes, without the user’s permission. A statement from Twitter revealed they could not determine how many users had been affected.
To create a Twitter account, users must provide a valid email address and phone number to set up an account, and these do help with account security. However, Twitter disables accounts without phone numbers even if that user isn’t using a phone number-reliant form of two-factor authentication (2FA) protection (such as a verification code sent in a text message).
2FA provides a way of ‘double checking’ that you really are the person you are claiming to be when you’re using online services, such as banking, email or, in this case, social media.
There are better forms of 2FA than the SMS-based approach, such as authenticator apps and back-up codes, but any 2FA is much better than no 2FA at all.