Former Head of Security at Twitter, Peiter Mudge Zatko Reveals Company’s Unwillingness to fix its Security Vulnerabilities
According to CNN, a whistleblower disclosed that Twitter has major security problems which put many at risk. The whistleblower alleged that the security problems threaten its users’ personal information, company shareholders, national security, and democracy.
Peiter Mudge Zatko, the former head of security at Twitter, was identified as the whistleblower. Zatko disclosed the information to Congress and federal agencies, depicting Twitter as a reckless and mismanaged company.
He mentioned that the company allows too many of its staff access to central controls and the most sensitive information. He also alleged that some of the company’s most senior executives have been trying to cover up Twitter’s serious vulnerabilities.
Zatko explained that “mismanaged” means the company would be unaware if an employee works for foreign intelligence. As the head of security, Zatko reported directly to the CEO. He was fired by Twitter, Inc., in January 2022, and the company stated it was because of his poor performance.
According to Zatko, his public whistleblowing comes after he attempted to combat security flaws. The security flaws were to be revealed to Twitter’s board in order to fix Twitter’s technical shortcomings and its non-compliance with the Federal Trade Commission privacy agreement.
Zatko believes his firing was in retaliation for his sounding the alarm about the company’s security problems. Zatko is being represented by Whistleblower Aid, a non-profit legal assistance organization that supports whistleblowers.
John Tye, the founder of Whistleblower Aid and Zatko’s lawyer, told CNN that Zatko began the whistleblower process before Elon Musk revealed his interest in buying Twitter. The events leading to his decision to become a whistleblower began before he worked at Twitter.
It was after the devastating hack of Twitter accounts in 2020, in which the world’s most famous people were victimized. At the time, the accounts of President Joe Biden, former President Barack Obama, Kim Kardashian, and Elon Musk were compromised.
The whistleblower further alleged that Twitter’s leadership has misled its board and government regulators about its security vulnerabilities. He said that some of the vulnerabilities could cause foreign spying or manipulation, hacking, and disinformation campaigns.
He added that Twitter does not permanently delete users’ data because the company has lost track of information. According to Zatko, Twitter has misled regulators about whether it deletes data as it is required to do.
Furthermore, Zatko emphasized Twitter’s bot issue. He said that Twitter’s executives don’t have the resources to fully understand the true number of bots on the platform. Bots seemed to be the main issue that hindered Elon Musk’s attempts to buy the company.
After the information was published, Alex Spiro, an attorney for Elon Musk, said, “We have already issued a subpoena for Mr. Zatko. We found his exit and that of other key employees curious in the light of what we have been looking for.”
However, a Twitter spokesperson said that security and privacy are both longtime priorities for the company. “Mr. Zatko was fired from his senior executive role at Twitter in January 2022 for ineffective leadership and poor performance. What we’ve seen so far is a false narrative about Twitter.
Mr. Zatko’s allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers, and shareholders. Security and privacy have long been company-wide priorities at Twitter and will continue to be.”
Twitter also said the company provides clear tools for users to control privacy, ad targeting, and data sharing. The company added that it has created internal workflows to ensure users know that when they cancel their accounts, Twitter will deactivate the account and start the deletion process. However, Twitter did not say whether it typically completes the process.