Please ensure Javascript is enabled for purposes of website accessibility
Whistleblower Accuses Twitter of Cybersecurity Negligence
gvw_ap_news
By Associated Press
Published 2 years ago on
August 23, 2022

Share

 

A former head of security at Twitter alleged that the company misled regulators about its cybersecurity defenses, privacy protections and its ability to detect and root out fake accounts, according to a whistleblower complaint filed with U.S. officials.

The revelation could create serious legal and financial problems for the social media platform, which is currently attempting to force Tesla CEO Elon Musk to consummate his $44 billion offer to buy the company.

Peiter Zatko, Twitter’s security chief until he was fired early this year, filed complaints last month with the U.S. Securities and Exchange Commission, the Federal Trade Commission and the Department of Justice. The legal nonprofit Whistleblower Aid, which is working with Zatko, confirmed the authenticity of a redacted copy of the complaint posted online by the Washington Post.

Among Zatko’s most serious accusations is that Twitter violated the terms of a 2011 FTC settlement by falsely claiming that it had strong security measures in place to protect the security and privacy of its users. Zatko also accuses the company of deceptions involving its handling of “spam” or fake accounts, an allegation that is at the core of Musk’s attempt to back out of the Twitter takeover.

Shares of Twitter Inc. slid 5.4% Tuesday. Zatko didn’t immediately respond to a request for comment Tuesday. But he told the Post he “felt ethically bound” to come forward.

Better known by his hacker handle “Mudge,” Zatko is a highly respected cybersecurity expert who first gained prominence in the 1990s and later worked in senior positions at the Pentagon’s Defense Advanced Research Agency and Google.

He joined Twitter at the urging of then-CEO Jack Dorsey in late 2020, the same year the company suffered an embarrassing security breach involving hackers who broke into the Twitter accounts of world leaders, celebrities and tech moguls, including Musk, in an attempt to scam their followers out of bitcoin.

Twitter said in a prepared statement Tuesday that Zatko was fired for “ineffective leadership and poor performance” and said the “allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers and its shareholders.” The company called his complaint “a false narrative” that is “riddled with inconsistencies and inaccuracies and lacks important context.”

Zatko’s attorneys, Debra Katz and Alexis Ronickher, said Twitter’s claim about his poor performance is false and that he repeatedly raised concerns about “grossly inadequate information security systems” with top executives and Twitter’s board of directors. The lawyers said that in late 2021, after the board was given “whitewashed” information about those security problems, Zatko escalated his concerns, “clashed” with CEO Parag Agrawal and board member Omid Kordestani and was fired two weeks later.

The 84-page complaint describes a broken corporate culture at Twitter that lacked effective leadership and where Zatko said top executives practiced “deliberate ignorance” of pressing problems. His description of Dorsey’s leadership style is particularly scathing, saying the Twitter founder was “extremely disengaged” during the last months of his tenure as CEO to the point where he would not even speak during meetings on complex issues facing the company.

Zatko said he heard from colleagues that Dorsey would remain silent for “days or weeks.” Dorsey announced he was stepping down as Twitter CEO in November 2021.

The disclosure says Twitter offered no monetary incentives for improving security and platform integrity, although the company did offer $10 million bonuses last year for top executives who could generate short-term user growth.

Among Zatko’s damning accusations of cybersecurity malpractice: Software and security updates were disabled on more than a third of employees’ computers — unduly exposing them to malware — and it was common for people to install “whatever software they wanted on their work systems.” Such lapses are typically considered cardinal sins in cybersecurity.

Whistleblower Aid said it is legally precluded from sharing Zatko’s statement. The same group worked with former Facebook employee Frances Haugen, who testified to Congress last year after leaking internal documents and accusing the social media giant of choosing profit over safety.

A spokesperson for the U.S. Senate’s intelligence committee, Rachel Cohen, said the committee has received Zatko’s complaint and “is in the process of setting up a meeting to discuss the allegations in further detail. We take this matter seriously.”

Sen. Dick Durbin, an Illinois Democrat, said in a prepared statement that if the claims are accurate, “they may show dangerous data privacy and security risks for Twitter users around the world.”

Among the most alarming complaints is Zatko’s allegation that Twitter knowingly allowed the Indian government to place its agents on the company payroll where they had “direct unsupervised access to the company’s systems and user data.”

A 2011 FTC complaint noted that Twitter’s systems were full of highly sensitive data that could allow a hostile government to find precise location data for specific users and target them for violence or arrest. Earlier this month, a former Twitter employee was found guilty after a trial in California of passing along sensitive Twitter user data to royal family members in Saudi Arabia in exchange for bribes.

The complaint said Twitter was also heavily reliant on funding by Chinese entities and that there were concerns within Twitter that the company was providing information to those entities that would enable them to learn the identify and sensitive information of Chinese users who secretly use Twitter, which is officially banned in China.

Zatko also describes “deliberate ignorance” by Twitter executives on counting the millions of accounts that are automated “spam bots” or otherwise have no value to advertisers because there is no person behind them.

Alex Spiro, an attorney representing Musk in his effort to back out of his Twitter acquisition deal, said lawyers have issued a subpoena for Zatko. “We found his exit and that of other key employees curious in light of what we have been finding,” Spiro wrote in an email Tuesday. Spiro said Zatko and Musk have not been in contact at any time this year.

RELATED TOPICS:

DON'T MISS

How California Legislators Got More Than $1.4 Million in Travel and Gifts in 2023

DON'T MISS

‘Digital Democracy’ Project Penetrates California’s Opaque Political Processes

DON'T MISS

US Shoots Down Iran-Launched Attack Drones as Biden Team Pledges ‘Support’ for Israel

DON'T MISS

Sacramento Gave Homeless Camp a Lease as an Experiment. Here’s What Happened.

DON'T MISS

Merced Supervisors Accused of ‘Triple Crown Race’ of Failures Amid Talk of Closing Fire Stations

DON'T MISS

Teacher Appreciation Week Surprises That Educators Will Love

DON'T MISS

A Mission of Mercy, Then a Fatal Strike: How an Aid Convoy in Gaza Became Israel’s Target

DON'T MISS

Walberg Era Begins With a Charge to ‘Revolutionize’ Bulldogs Basketball

DON'T MISS

California Man Sentenced to 40 Years to Life for Fatal Freeway Shooting of 6-Year-Old Boy

DON'T MISS

16 Clovis Students Rewarded With Scholarships for Their Resilience

UP NEXT

College Students Are Flocking to the Marriage Pact, Mostly for Fun, but Some Find Lasting Love

UP NEXT

Tesla Settles Lawsuit Over Man’s Death in a Crash Involving Its Semi-Autonomous Driving Software

UP NEXT

Free Blue Checks Return on Elon Musk’s X

UP NEXT

Instagram, WhatsApp, and Facebook Go Offline in Brief Outage

UP NEXT

Trump Media Stock Plummets Following Huge Loss Disclosure

UP NEXT

Cranes Arriving to Start Removing Wreckage From Deadly Baltimore Bridge Collapse

UP NEXT

Facebook News Tab Will Soon Be Unavailable as Meta Scales Back News and Political Content

UP NEXT

Trump’s Social Media Company Approved to Go Public, Potentially Netting Former President Billions

UP NEXT

Apple Has Kept an Illegal Monopoly Over Smartphones in US, Justice Department Says in Antitrust Suit

UP NEXT

Biden Touts Arizona as America’s ‘Future’ as Government Invests $8.5 Billion in Chipmaker Intel

Sacramento Gave Homeless Camp a Lease as an Experiment. Here’s What Happened.

2 days ago

Merced Supervisors Accused of ‘Triple Crown Race’ of Failures Amid Talk of Closing Fire Stations

2 days ago

Teacher Appreciation Week Surprises That Educators Will Love

2 days ago

A Mission of Mercy, Then a Fatal Strike: How an Aid Convoy in Gaza Became Israel’s Target

2 days ago

Walberg Era Begins With a Charge to ‘Revolutionize’ Bulldogs Basketball

2 days ago

California Man Sentenced to 40 Years to Life for Fatal Freeway Shooting of 6-Year-Old Boy

2 days ago

16 Clovis Students Rewarded With Scholarships for Their Resilience

2 days ago

Dr. Green Thumb’s Is Open. Sweet Flower Debuts Saturday in Fresno Cannabis Rollout.

2 days ago

Reacher Star Alan Ritchson Calls Donald Trump a ‘Rapist’

2 days ago

Community Leaders Call for Transparency in Fresno Superintendent Search

2 days ago

How California Legislators Got More Than $1.4 Million in Travel and Gifts in 2023

Last June, more than half of California’s lawmakers — Republicans and Democrats alike, with no particular ideological preference — attended ...

18 hours ago

18 hours ago

How California Legislators Got More Than $1.4 Million in Travel and Gifts in 2023

18 hours ago

‘Digital Democracy’ Project Penetrates California’s Opaque Political Processes

1 day ago

US Shoots Down Iran-Launched Attack Drones as Biden Team Pledges ‘Support’ for Israel

2 days ago

Sacramento Gave Homeless Camp a Lease as an Experiment. Here’s What Happened.

2 days ago

Merced Supervisors Accused of ‘Triple Crown Race’ of Failures Amid Talk of Closing Fire Stations

2 days ago

Teacher Appreciation Week Surprises That Educators Will Love

2 days ago

A Mission of Mercy, Then a Fatal Strike: How an Aid Convoy in Gaza Became Israel’s Target

2 days ago

Walberg Era Begins With a Charge to ‘Revolutionize’ Bulldogs Basketball

MENU

CONNECT WITH US

Search

Send this to a friend