After the former security officer at Twitter, Peiter "Mudge" Zatko, complained about the lax security practices the company was following, Senate and Congressional committee leaders from both sides said they were looking into the matter.
Zatko revealed how Twitter rewards those who increase user growth but not those who reduce bot spam. Further, he said half of Twitter's infrastructure is outdated and that the company violated the terms it promised to the FTC in a past privacy settlement.
Weak Security and Terms Violations
Aside from the legal battle with Elon Musk over its acquisition deal, Twitter is in fresh turmoil over a whistleblower complaint. The company's former security officer, Peiter "Mudge" Zatko, has filed a complaint with the SEC, FTC, and the Department of Justice regarding various issues at Twitter.
He accused the platform of weak security practices, such as half of its systems running on outdated software and many people within the company having wide-ranging internal access to core company software.
This could be harmful, as a hacker taking over any of those employees' accounts can lead to severe consequences, as we saw in 2020, when many high-profile accounts were hijacked for a cryptocurrency scam.
He further accused the company of rewarding people who worked for user growth over those reducing spam, and of violating the terms it agreed with the FTC in the past. Twitter was sued by the FTC over weak practices in protecting users' data in 2011, which it settled by promising new policies to safeguard that data.
The whistleblower's allegations of widespread security failures at Twitter, willful misrepresentations by top executives to government agencies, and penetration of the company by foreign intelligence raise serious concerns. https://t.co/9QQtlDSogr
— Senator Dick Durbin (@SenatorDurbin) August 23, 2022
Feeling "ethically bound" as a member of the cybersecurity community, Zatko filed a complaint against Twitter with the SEC, DoJ, and FTC, which has led Senate and Congress leaders from both sides to look into it.
The offices of Durbin and the committee's ranking member Chuck Grassley said they've already held talks with Zatko, with the Intelligence Committee saying it's planning a meeting with the whistleblower soon.
Dismissing these allegations and calling them "riddled with inaccuracies", Twitter spokesperson Rebecca Hahn said:
"Security and privacy have long been top company-wide priorities at Twitter." The company fired Zatko "for poor performance and leadership," and his complaints now "appear to be opportunistically seeking to inflict harm on Twitter, its customers, and its shareholders".