Which is the one company that has consistently been in the news this year? That’s right, it is Twitter Inc. But this time, it has nothing to do with Elon Musk and everything to do with a Twitter whistleblower who has made some shocking security claims.
It does not help matters that the person making these allegations about Twitter security is none other than the social media site’s former security head, who was fired early this year. Former Twitter security head Peiter “Mudge” Zatko recently told the world that the site has deliberately misled regulators about its security features. He said that its vulnerabilities make it an easy target for foreign spies, hacking, and disinformation campaigns.
Twitter Whistleblower’s Security Allegations
Zatko filed a complaint with US officials claiming that Twitter Inc., has been lax about its cybersecurity arrangements and has not made much effort to weed out fake accounts that spread misinformation. He also alleged that the top management practiced “deliberate ignorance” pertaining to these problems and never took any constructive action. The company is rumored to have given too many employees access to sensitive information, which eventually led to a major breach. Incidentally, Zatko was hired by former Twitter CEO Jack Dorsey after the hack in 2020.
The Twitter whistleblower has accused Twitter Inc., of making misleading statements regarding its defense systems against hackers and bots. He filed the complaint with the US Securities and Exchange Commission (SEC), the Federal Trade Commission (FTC), and the Justice Department (DoJ). The complaint about Twitter security was also sent to Senate Judiciary and Intelligence committees, who promised to look into the allegations and conduct their own investigations.
“If these claims are accurate, they may show dangerous data privacy and security risks for Twitter users around the world,” said Sen. Dick Durbin (D. Ill.), the chairman of the Judiciary Committee. “I will continue investigating this issue and take further steps as needed to get to the bottom of these alarming allegations.”
One of the biggest allegations made by the whistleblower against Twitter Inc., is that the microblogging site lied to federal regulators about tightening its security features — protecting the privacy of users — following a major hack. Zatko submitted an 84-page long complaint to the authorities, chiefly claiming that Twitter Inc., prioritized user growth over data security. He also revealed that executives were eligible for individual bonuses to the tune of $10 million, depending on how much they contributed towards increasing daily users. The company focused on growing users while ignoring bots and spam accounts.
To discuss the Twitter whistleblower’s allegations, the US Senate Judiciary committee will hold a hearing on September 13.
The Aftermath
A company spokesperson, however, denied the Twitter whistleblower’s claims and stated it was rife with “inconsistencies and inaccuracies and lacks important context.”
The company went on to state, “Mr. Zatko was fired from his senior executive role at Twitter in January 2022 for ineffective leadership and poor performance. What we’ve seen so far is a false narrative about Twitter and our privacy and data security practices that is riddled with inconsistencies and inaccuracies and lacks important context. Mr Zatko’s allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers and its shareholders. Security and privacy have long been company-wide priorities at Twitter and will continue to be.”
On August 24, Twitter Inc., admitted that the company is facing numerous exits as leaders tried to do damage control amidst the Twitter whistleblower’s allegations and Musk’s pending acquisition of the site. Employee attrition stood at over 18% and the company has struggled to rein in sinking morale, while share prices tanked after the allegations were made public.
