Twitter in the United States (US) has been fined $150 million after law enforcement officials accused the social media company of illegally using users’ data to sell targeted adverts.

In a Twitter post on Thursday, the Federal Trade Commission (FTC), a US agency that promotes consumer protection, charged Twiter with deceptively using users’ account security data to sell targeted adverts.

The commission, as well as the US Department of Justice, ordered Twitter to pay $150 million penalty for violating 2011 FTC order and cease profiting from deceptively collected data.

“FTC charges with deceptively using account security data to sell targeted ads,” the commission wrote on Twitter.

READ ALSO: Elon Musk Halts Plan to Buy Twitter

“FTC and @DOJCivil order Twitter to pay $150 million penalty for violating 2011 FTC order and cease profiting from deceptively collected data.

“Proposed order would prohibit Twitter from profiting from deceptively collected data, allow users to use other multi-factor authentication methods such as mobile authentication apps or security keys that do not require users to provide their telephone numbers.”

In a statement, FTC stated that the proposed order would “prohibit Twitter from profiting from deceptively collected data; allow users to use other multi-factor authentication methods such as mobile authentication apps or security keys that do not require users to provide their telephone numbers; notify users that it misused phone numbers and email addresses collected for account security to also target ads to them and provide information about Twitter’s privacy and security controls; implement and maintain a comprehensive privacy and information security program that requires the company, among other things, to examine and address the potential privacy and security risks of new products; limit employee access to users’ personal data; and notify the FTC if the company experiences a data breach.”

READ ALSO: TIMELINE: How Elon Musk’s ‘Love’ for Twitter Led to His Takeover

Ian Reynolds, managing director of computer security firm Secure Team, told the BBC: “Once again, Twitter is violating the trust that their users have in their platform by using their private information to their own advantage and increasing their own revenue.”

“Twitter led their customers into a false sense of security by acquiring their data through claiming it was for security purposes and protecting their account, but ultimately ended up using the data to target their users with ads.

“This reality shows the power that companies still have over your data and that there is a long way to go before users can be comfortable knowing that they have full control over their own digital footprint.”

In order to authenticate an account, Twitter requires users to provide a telephone number and email address. That information also helps people reset their passwords and unlock their accounts if required. But, according to the FTC, until at least September 2019, Twitter was also using the information to boost its advertising business.