Billing information for some clients who advertise on its platform was mistakenly stored in browser cache, Twitter told clients in an e-mail, according to BBC News.
And the company said it’s possible others got hold of private information.
That would include e-mail addresses, phone numbers and the last four digits of clients' credit card numbers. But Twitter said it has no evidence yet that any data was pilfered, BBC reports.
The breach also applies to businesses that utilize Twitter's analytics platform. Twitter doesn’t know how many businesses were affected. Non-business Twitter users apparently weren’t part of the problem, BBC reports
Twitter said it learned of the issue on May 20 and has now eliminated the vulnerability.
"We're very sorry this happened,” Twitter said in the e-mail, according to BBC. “We recognize and appreciate the trust you place in us, and are committed to earning that trust every day."
This isn’t the first security breach Twitter has experienced.
“Last year alone, Twitter closed a bug that allowed a researcher to discover phone numbers associated with millions of Twitter accounts; admitted it gave account location data to one of its partners, even if the user had opted-out of having their data shared; and inadvertently gave its ad partners more data than it should have,” according to TechCrunch.
Twitter shares recently traded at $33.26, down 0.4%. They have climbed 39% in the past three months.