Twitter has issued an apology to its business clients acknowledging that personal information may have been compromised, the BBC reported.
“We’re very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day,” said an email to affected users seen by the news service.
The email also noted, that it was “not believed that non-business Twitter users are affected,” according to the report.
Billing information of some of its clients which use Twitter’s advertising and analytics platforms was stored in the browser’s cache, Twitter said in an email to its clients. It was possible others could have accessed personal information such as email addresses, phone numbers and the last four digits of clients’ credit card numbers.
“We are writing to let you know of a data security incident that may have involved your personal information on ads.twitter and analytics.twitter … We became aware of an issue that meant that prior to May 20, 2020, if you viewed your billing information on ads.twitter or analytics.twitter the billing information may have been stored in the browser’s cache … Examples of that information include, email address, phone number, last four digits of your credit card number,” the email said as reported by Express.com.
The tech company said there’s no evidence billing information was compromised. It’s unclear how many businesses have been affected.
This is not the first time Twitter has been exposed to a data breach.
In 2016, nearly 33 million Twitter users’ personal data was compromised and offered for sale on the dark web, LeakedSource.com, the subscription-based breach notification service, reported.
“Each [Twitter] record may contain an email address, a username, sometimes a second email and a visible password,” LeakedSource wrote in its blog. “We have very strong evidence that Twitter was not hacked, rather the consumer was. These credentials, however, are real and valid. Out of 15 users we asked, all 15 verified their passwords.”
In response, Michael Coates, Twitter’s trust and information security officer, tweeted he was confident Twitter’s systems had not been compromised.
LeakedSource alleged the data leak stems from malware infecting users’ devices and the malware sent every saved username and password from browsers like Chrome and Firefox to the hackers from all websites, including Twitter.