Social media platform Twitter admits to suffering a serious security incident on Tuesday, June 23, 2020, with the data breach revealing the personal information of its business users. The company has since issued an apology to its clients via email.
Based on the company statement, the bird app admits that the customer information of its business clients was inadvertently stored in the browser’s cache, states Tech Crunch. BBC reveals the tech giant has been made aware of the incident on May 20, 2020.
According to BBC, Twitter sent an email to its business clients, saying it was “possible” that other entities may have accessed or used their personal data.
The email said, “We’re very sorry this happened. We recognise and appreciate the trust you place in us, and are committed to earning that trust every day.”
Among the personal data compromised in the breach include email addresses, phone numbers, as well as the last four digits of the credit card number associated with the account. Despite this, BBC reports that the tech company maintains that the billing information of customers was not compromised.
Laura Pacas, a Twitter spokesperson, confirmed the incident to Tech Crunch. However, the company declined to provide the number of clients affected by the data breach.
In a statement to Tech Crunch, Pacas said, “We became aware of an incident where if you viewed your billing information on ads.twitter.com or analytics.twitter.com the billing information may have been stored in the browser’s cache.”
“As soon as we discovered this was happening, we resolved the issue and communicated to potentially impacted clients to make sure they were aware and informed on how to protect themselves moving forward,” states Pacas.
The latest bird app security breach comes two years after its last security incident. In 2018, Twitter urged the public to change their respective passwords after admitting to storing its users’ passwords in plaintext.
In 2019, Tech Crunch shares that the bird app suffered from a number of security incidents, including having a software flaw that allowed a cybersecurity researcher to gain access to phone numbers linked with millions of Twitter accounts.
Apart from this, the company also revealed that it provided the account location data to one of its partners as well as giving its advertising partners access to more private and personal information than it normally should have. The company also admitted to using phone numbers of users for targeted ads.