Twitter has sent a notice to all it’s users about a data security incident that “may have involved personal information on ads.twitter.com and analytics.twitter.com.”
Giving details of the issue, Twitter said that, if users have viewed your billing information on ads.twitter.com or analytics.twitter.com prior to May 20, 2020 the billing information may have been stored in the browser’s cache. Examples of that information include email address, phone number, last four digits of credit card number (not complete numbers, expiration dates or security codes), and billing address. If users have shared computer, it is possible that if someone used the computer after you they could have seen the information stored in the browser’s cache (most browsers generally store data in their cache by default for a short period of time like 30 days).
On May 20, 2020, Twitter claims to have updated the instructions that Twitter sends to your browser’s cache to stop this from happening.
While Twitter does not have evidence about billing information compromised, it “wanted to make sure that users are aware of the issue”. They recommend clearing the browser cache when users log out.
