IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Twitter alerts business customers after flagging data breach

The company has apologised for an error that meant third-parties may have had local access to personal data

Twitter has messaged its business clients to inform them that their personal information may have been compromised in a “data security incident”

An issue with the way Twitter cached data on web browsers meant the personal information of customers' with the social media company's advertising or analytics platforms may have been locally accessed by third-parties.

Prior to 20 May, the company revealed, if business customers accessed their billing information, the data on this page would have been improperly stored in the cache of their internet browser

The potentially exposed information included email addresses, phone numbers, and the last four digits of users’ payment card as well as the billing address. The exposed information did not include complete card numbers, expiration dates or security codes.

Most internet browsers normally storing data in their cache for a short period like 30 days, although this is more than enough time for somebody to have inadvertently accessed the details customers viewed on Twitter. This is particularly true for shared or public devices.

“On May 20, 2020, we updated the instructions that Twitter sends to your browser’s cache to stop this from happening,” the company wrote in a message to customers. 

“While we have no evidence that your billing information was compromised, we want to make sure you aware of the issue and how to protect yourself going forward. If you currently use a shared computer to access your Twitter Ads or Analytics billing information, we recommend clearing the browser cache when you log out.”

The company has apologised for the incident, stressing it recognises the trust customers place in the platform.  

Twitter has previously been at the heart of several major security incidents, including most recently in August 2019 when the company found an issue in its privacy settings that may have led to user data being inadvertently shared with third-parties. 

Users who clicked or viewed an ad on the app from May 2018 may have accidentally shared data with its third-party measurement and advertising partners, even if permission hadn’t been granted.

In May 2018, meanwhile, Twitter told 330 million users to change their passwords after some were exposed in plain text over its internal network. This was due to a but which caused the passwords to be stored on a computer log before a hashing process was completed.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Most Popular

Why convenience is the biggest threat to your security

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022