Twitter says it unintentionally used some users' email addresses and phone numbers for "advertising purposes."
Twitter said in a statement on Tuesday the personal information came from users who provided it for security purposes, like two-factor authentication. It said that info "may have inadvertently been used" to tailor advertisements to users. It's unclear how many people were impacted.
Twitter says it addressed the issue back in September and that no personal data was shared with third parties.
Just two months ago, Twitter CEO Jack Dorsey had his account hacked. The hackers sent multiple tweets to his more than 4 million followers, including a bomb threat.
And back in May, Twitter asked all of its users to change their passwords after it found it was storing passwords internally without masking them. The company said then that it had no reason to believe that information was breached.