Peiter Zatko, Twitter’s former head of security, has submitted a whistleblower complaint expressing his concerns about what he perceives as significant security deficiencies within the company. This complaint, lodged in July 2022 with the Securities and Exchange Commission (SEC), the Department of Justice (DOJ), and the Federal Trade Commission (FTC), suggests that Twitter may have misled regulators and the public regarding its cybersecurity measures and the extent of fake and spam accounts on its platform.
Zatko, who is well-regarded in the cybersecurity community and known by his hacker handle “Mudge,” was brought on board by then-CEO Jack Dorsey following a notable hack in 2020 that affected the accounts of several high-profile individuals, including Joe Biden, Barack Obama, and Elon Musk. During his time at the company, he identified what he believes to be serious deficiencies and issues concerning negligence, willful ignorance, and implications for national security and democracy within Twitter’s operations.
The allegations outlined in the complaint include concerns that Twitter’s internal systems permitted excessive employee access to sensitive user data, thereby increasing the potential for misuse. Zatko also points out that the company may not have implemented adequate measures to detect and manage fake or spam accounts, indicating that there might be limited motivation among executives to accurately gauge their prevalence. Furthermore, he expresses apprehension about the company’s ability to manage data center failures, suggesting that concurrent outages could possibly lead to extended or even permanent disruptions of the platform.
In response, Twitter has stated that Zatko was let go in January 2022 due to concerns over “ineffective leadership and poor performance.” The company has characterized his allegations as a “false narrative” filled with “inconsistencies and inaccuracies” and lacking essential context. Twitter underscores that it has consistently prioritized security and privacy, asserting compliance with applicable privacy regulations, including a 2011 FTC settlement that mandated enhanced data security protections.
This whistleblower complaint has captured the interest of lawmakers. Senator Dick Durbin, chair of the Senate Judiciary Committee, has indicated an intention to investigate the allegations further in order to thoroughly understand these serious claims.
These developments may also have implications for Twitter’s ongoing legal proceedings with Elon Musk, who is seeking to withdraw from a $44 billion acquisition deal based on concerns over the number of fake accounts present on the platform. Musk’s legal team has reportedly issued a subpoena to Zatko as a potential witness in the matter.
Zatko is represented by Whistleblower Aid, which previously assisted former Facebook employee Frances Haugen in her disclosures. His attorney, John Tye, has clarified that Zatko initiated the whistleblowing process prior to Musk’s public involvement with Twitter and maintained that he has not had any contact with Musk.
As of this moment, the SEC, DOJ, and FTC have not provided public comments regarding the complaint.