Whistleblower and former Twitter security chief Peiter Zatko has criticized Twitter’s security policies during a public hearing before a US Senate committee. The platform is said to mislead ‘the public, legislators, regulators and government’.
Zatko spent a short time as chief of security at Twitter, where he said he saw a variety of security issues that were not addressed by the company, according to his statement on Tuesday. “I discovered that Twitter was managed by risks and crises, rather than managing risks and crises.”
As a result, he said, many cybersecurity risks were not taken seriously by senior employees, if the information reached the board at all. “There was a corporate culture where only good news was passed on to management.”
Zatko has already disclosed most of the security risks he refers to to the US regulator SEC (US Securities and Exchange Commission). For example, roughly half of all Twitter employees are said to have access to all kinds of user data, including phone numbers, email addresses, IP addresses and user locations.
“It’s not a stretch to say that an employee within the company could take over the account of all the senators in this space. (…) It doesn’t matter who has the key if there is no lock on the door; anyone on Twitter could sift through user information for their own use,” he told the US Senate.
In addition, Zatko claims that Twitter employed several foreign agents without doing anything about it. At least one spy from the Chinese Ministry of State Security is said to be working at the company. An Indian government employee is also said to have infiltrated the company.
Zatko criticizes not only Twitter, but also the government agencies that are supposed to oversee the social media platform. For example, the US Federal Trade Commission is said to have failed to adequately investigate whether Twitter is actually complying with a previous settlement regarding the use of email addresses. “To be honest, I don’t think the FTC has a chance against [Twitter] given the size of tech giants. (…) It is now as if these companies are allowed to mark their own exam.”
After the hearing, Twitter, as expected, rejected Zatko’s claims in a statement to National Public Radio, saying that in many cases they are unsubstantiated. “Today’s hearing only confirms that Zatko’s allegations are fraught with inconsistencies and inaccuracies,” it said.
The CEO of the company in question, Parag Agrawal, was unable to attend the hearing despite an invitation, which Senator Chuck Grassley said is very unfortunate. “This committee’s case on protecting the American people from foreign influences is more important than Twitter’s civil lawsuit in Delaware.”
Grassley is referring to the lawsuit between Twitter and Elon Musk over the canceled takeover of Twitter due to the allegedly large number of spam and bot accounts on the platform. Incidentally, Zatko must also testify in that case.