© 2022 Connecticut Public

FCC Public Inspection Files:
WEDH · WEDN · WEDW · WEDY · WNPR
WPKT · WRLI-FM · WEDW-FM · Public Files Contact
Play Live Radio
Next Up:
0:00
0:00
Available On Air Stations

A former employee accuses Twitter of big security lapses in a whistleblower complaint

Peiter Zatko, Twitter's former security head, poses for a portrait on Aug. 22 in Washington, D.C. Zatko accused the company of ignoring major security vulnerabilities in an explosive whistleblower complaint.
Matt McClain
/
The Washington Post via Getty Images
Peiter Zatko, Twitter's former security head, poses for a portrait on Aug. 22 in Washington, D.C. Zatko accused the company of ignoring major security vulnerabilities in an explosive whistleblower complaint.

A well-known former hacker known as "Mudge" has filed an explosive whistleblower complaint against Twitter, alleging the company ignored major security vulnerabilities and misrepresented the number of "bots," or fake accounts, on the platform.

Peiter Zatko, who until January served as Twitter's security head, filed the complaint last month with the Securities and Exchange Commission and the Federal Trade Commission. The complaint was first reported by The Washington Post and CNN.

Zatko claims Twitter executives ignored multiple security vulnerabilities, including failing to follow basic conventions like properly safeguarding staff access to core software, promptly deleting closed accounts, and updating security software on company laptops and servers.

The whistleblower also accuses Twitter of misleading federal regulators about its progress toward tightening up the privacy and security of its users' accounts after a major hack.

The complaint adds that Twitter's policy toward fake accounts incentivized "deliberate ignorance" by undercounting spam accounts and providing bonuses to executives for growing the number of users on the platform, but not sniffing out bots.

Twitter's security vulnerabilities makes the platform vulnerable to foreign spies, hacking and disinformation campaigns, Zatko further alleges.

Elon Musk attends The 2022 Met Gala at The Metropolitan Museum of Art in New York City on May 2. A whistleblower complaint against Twitter comes as the company is in the midst of a legal battle with Musk.
Dimitrios Kambouris / Getty Images for The Met Museum/Vogue
/
Getty Images for The Met Museum/Vogue
Elon Musk attends The 2022 Met Gala at The Metropolitan Museum of Art in New York City on May 2. A whistleblower complaint against Twitter comes as the company is in the midst of a legal battle with Musk.

The claims come as Twitter battles Elon Musk

The complaint comes at a sensitive time for Twitter, which is preparing for a high-profile legal battle to compel billionaire Elon Musk to buy the company after he agreed to a $44 billion purchase deal.

But Musk is now looking to back out of the deal, arguing primarily that Twitter wasn't forthcoming about the number of bots and spam among daily active users on its platform – which the social media company has strongly denied.

The dispute between Twitter and Musk is scheduled to go to trial on Oct. 17.

Zatko was hired as Twitter's security head in 2020 by former CEO Jack Dorsey after teenage hackers took over high-profile verified accounts, including those belonging to former President Obama, then-presidential candidate Joe Biden, and Musk.

Twitter, in a statement, said Zatko's complaints are "riddled with inconsistencies and inaccuracies" and said he was fired for poor performance in January. It added the complaint was "opportunistic" and "designed to capture attention and inflict harm on Twitter, its customers and its shareholders."

Zatko said he tried to warn Twitter's risk committee in January that executives were ignoring security flaws, but was fired by CEO Parag Agrawal two weeks later.

Copyright 2022 NPR. To see more, visit https://www.npr.org.

Raquel Maria Dillon
Raquel Maria Dillon has worked on both sides of the country, on both sides of the mic, at Member stations and now as an editor with Morning Edition. She specializes in documenting wildfires and other national disasters, translating the intricacies of policy into plain English and explaining the implications of climate change.
Related Content