Twitter Whistleblower Claims Social Media Company's Executives Deceived Federal Regulators
Former head of Twitter security and widely known hacker Peiter Zatko files a complaint with federal agencies exposing the social media company's egregious deficiencies in security.
Twitter executives deceived federal regulators and the company’s own board of directors about "extreme, egregious deficiencies" in its defenses against hackers, as well as its meager efforts to fight spam, according to an explosive whistleblower complaint from its former security chief, writes the Washington Post.
Excerpt from the Washington Post: The complaint from former head of security Peiter Zatko, a widely admired hacker known as "Mudge," depicts Twitter as a chaotic and rudderless company beset by infighting, unable to properly protect its 238 million daily users including government agencies, heads of state and other influential public figures. Among the most serious accusations in the complaint is that Twitter violated the terms of an 11-year-old settlement with the Federal Trade Commission by falsely claiming that it had a solid security plan. Zatko’s complaint alleges he had warned colleagues that half the company’s servers were running out-of-date and vulnerable software and that executives withheld dire facts about the number of breaches and lack of protection for user data, instead presenting directors with rosy charts measuring unimportant changes.
According to the Wall Street Journal, in November 2020, Twitter Inc. co-founder Jack Dorsey picked the famed ex-hacker, Peiter Zatko, to solve some of his social-media company’s most pernicious problems: protecting user privacy and the security of its computer systems.
Excerpt from the Wall Street Journal: His choice was a man with near-legendary status in the industry who had been finding flaws and ways to correct them for nearly 30 years. Mr. Zatko, known as "Mudge," is now alleging widespread dysfunction and flaws in the department he oversaw and was hired to fix. He emerged this week as a whistleblower after filing a complaint with federal regulators arguing that Twitter had, among other things, failed to protect the privacy of its users, and misled the public about its problems with spam and what are known as bot accounts. Twitter has broadly denied the allegations. Spam accounts are at the heart of a continuing dispute between the company and Elon Musk, whom the company sued in July to enforce his $44 billion takeover deal. Mr. Musk has alleged Twitter misrepresented its business, particularly as it relates to the level of spam or bot accounts, which Twitter denies.
Twitter is having a rough summer. In addition to a lackluster second quarter, it’s battling with Elon Musk over the Tesla CEO's decision to back out of buying the social media company. But matters got exponentially worse for the blue bird on Tuesday, when reports came out that its former security chief Peiter "Mudge" Zatko filed a whistleblower complaint suggesting Twitter is a security trainwreck, reports Yahoo! Finance.
Excerpt from Yahoo! Finance: Zatko's report, filed in July with the Securities and Exchange Commission, Department of Justice, and Federal Trade Commission, contends that Twitter disincentivized employees from determining the total number of bots on the platform in favor of growing monetizable daily active users. The firm asserts that less than 5% of those accounts are bots. Zatko, meanwhile, says that Twitter doesn’t understand how many bots are on the platform in general. While the Musk saga has been a drag for Twitter, if Zatko’s claims hold true, the company could face an array of lawsuits from shareholders claiming the social media network lied about its security and operations. It could also get hit with fines from regulators. More damaging, Twitter could end up shedding advertisers if they deem the company untrustworthy.