Former security chief for Twitter, Peiter Zatko, told lawmakers in Washington on Tuesday that the platform’s leadership is “misleading the public, lawmakers, regulators, and even its own board of directors.”
“What I discovered when I joined Twitter, was that this enormously influential company was over a decade behind industry security standards.
“The company’s cyber security failures make it vulnerable to exploitation, cuasing real harm to real people.
“And when an influential media platform can be compromised by teenagers, thieves, spies, and the company repeatedly creates security problems on their own; this is a big deal for all of us,’ the former Twitter security chief said.
Last month, Zatko accused Twitter of misleading government regulators about cybersecurity practices and prioritizing growth over cracking down on spam accounts.
Zatko filed an 84-page complaint last month with several government agencies, alleging that Twitter had falsely claimed to have a strong security plan and that half of the company’s servers relied on software that was outdated and vulnerable to hackers.
The whistleblower document alleged Twitter prioritized user growth over reducing spam. Executives stood to win individual bonuses of as much as $10m tied to increases in daily users, as per the complaint, and nothing explicitly for cutting spam.
Whistleblower Aid, which represents Zatko, said he stands by everything in his disclosure. It also confirmed the authenticity of the disclosure as published on the Washington Post website. The Washington Post and CNN were the first to publish the story.
“What we’ve seen so far is a false narrative about Twitter and our privacy and data security practices that is riddled with inconsistencies and inaccuracies and lacks important context,” Twitter said in a statement.