
A former employee accuses Twitter of big security lapses in a whistleblower complaint

Peiter Zatko, Twitter's former security head, poses for a portrait on Aug. 22 in Washington, D.C. Zatko accused the company of ignoring major security vulnerabilities in an explosive whistleblower complaint.
Matt McClain / The Washington Post via Getty Images

A well-known former hacker known as "Mudge" has filed an explosive whistleblower complaint against Twitter, alleging the company ignored major security vulnerabilities and misrepresented the number of "bots," or fake accounts, on the platform.

Peiter Zatko, who until January served as Twitter's security head, filed the complaint last month with the Securities and Exchange Commission and the Federal Trade Commission. The complaint was first reported by The Washington Post and CNN.

Zatko claims Twitter executives ignored multiple security vulnerabilities, including failing to follow basic conventions like properly safeguarding staff access to core software, promptly deleting closed accounts, and updating security software on company laptops and servers.

The whistleblower also accuses Twitter of misleading federal regulators about its progress toward tightening up the privacy and security of its users' accounts after a major hack.

The complaint adds that Twitter's policy toward fake accounts incentivized "deliberate ignorance" by undercounting spam accounts and providing bonuses to executives for growing the number of users on the platform, but not sniffing out bots.

Twitter's security vulnerabilities make the platform vulnerable to foreign spies, hacking and disinformation campaigns, Zatko further alleges.

Elon Musk attends The 2022 Met Gala at The Metropolitan Museum of Art in New York City on May 2. A whistleblower complaint against Twitter comes as the company is in the midst of a legal battle with Musk.
Dimitrios Kambouris / Getty Images for The Met Museum/Vogue

The claims come as Twitter battles Elon Musk

The complaint comes at a sensitive time for Twitter, which is preparing for a high-profile legal battle to compel billionaire Elon Musk to buy the company after he agreed to a $44 billion purchase deal.

But Musk is now looking to back out of the deal, arguing primarily that Twitter wasn't forthcoming about the number of bots and spam among daily active users on its platform – which the social media company has strongly denied.

The dispute between Twitter and Musk is scheduled to go to trial on Oct. 17.

Zatko was hired as Twitter's security head in 2020 by former CEO Jack Dorsey after teenage hackers took over high-profile verified accounts, including those belonging to former President Obama, then-presidential candidate Joe Biden, and Musk.

Twitter, in a statement, said Zatko's complaints are "riddled with inconsistencies and inaccuracies" and said he was fired for poor performance in January. It added the complaint was "opportunistic" and "designed to capture attention and inflict harm on Twitter, its customers and its shareholders."

Zatko said he tried to warn Twitter's risk committee in January that executives were ignoring security flaws, but was fired by CEO Parag Agrawal two weeks later.

Copyright 2022 NPR. To see more, visit https://www.npr.org.

Raquel Maria Dillon
Raquel Maria Dillon has worked on both sides of the country, on both sides of the mic, at Member stations and now as an editor with Morning Edition. She specializes in documenting wildfires and other national disasters, translating the intricacies of policy into plain English and explaining the implications of climate change.
