Ex-security chief files high-profile complaint against Twitter

AA / Houston, TX / Darren Lyn

Former Twitter security chief Peiter Zatko has filed a high-profile lawsuit against his former employer, alleging cybersecurity negligence and mismanagement.

In the complaint he filed on July 6 with the Securities and Exchange Commission (SEC), the Federal Trade Commission (FTC) and the United States Department of Justice (DOJ), Peiter Zatko claims to have witnessed “gross misconduct, negligence, cover-up and threats to national security and democracy.”

Zatko said he tried to bring the security breaches to the attention of Twitter executives, but the company’s board ignored him.

“In 2020 alone, Twitter experienced over 40 security incidents, 70% of which were related to access control,” he said in the complaint, obtained by The Washington Post and CNN.

He added: “These incidents included 20 identified as vulnerabilities; all but two were related to access control.”

The former security chief further alleged that Twitter lacked basic security screening, including thousands of employee laptops containing full copies of Twitter’s source code, while nearly a third of these devices were blocking automatic security updates or had system firewalls turned off.

According to Zatko, Twitter’s 5,000 full-time employees had broad access to the platform’s internal software, which was not closely monitored, giving those employees the ability to access sensitive data and change how the platform works.

“Employees have been found to intentionally install spyware on their work computers on several occasions at the request of outside organizations,” he said.

“The allegations I received from a whistleblower on Twitter raise serious national security concerns as well as privacy concerns, and they should be further investigated,” Senator Charles Grassley said in a statement. Grassley’s office reportedly discussed security issues with Zatko.

Grassley added: “Take a technology platform that collects massive amounts of user data, combine it with what appears to be incredibly weak security infrastructure and infuse it with foreign state actors with a purpose, and you have a recipe for disaster.”

Peiter Zatko, a well-known hacker, was hired by Twitter in late 2020, months after a high-profile security breach allowed hackers to hijack the Twitter accounts of some of the most famous people in the world, including United States President Joe Biden and Tesla CEO Elon Musk, which makes the whistleblower’s complaint all the more relevant.

Elon Musk is currently embroiled in a legal battle with Twitter to try to extricate himself from a $44 billion deal to buy the social media platform, claiming Twitter misrepresented user data and the number of spam bots on the platform is much higher than what the company revealed.

Zatko’s complaint appears to support Musk’s claims, as Zatko said in the complaint that Twitter executives lack the resources to fully understand the true number of bots on the platform.

“Mr. Zatko’s allegations and timing appear designed to capture attention and inflict harm on Twitter, its customers and shareholders,” Twitter spokesperson Madeline Broas said, adding, “Mr. Zatko was terminated from his senior position at Twitter in January 2022, for demonstrating a lack of leadership and delivering poor performance.”

“What we’ve seen so far is a misleading narrative about Twitter and our data privacy and security practices that is riddled with inconsistencies and inaccuracies and woefully lacking in context,” the spokesperson added.

“Security and privacy have long been company-wide priorities at Twitter and will continue to be.”

*Translated from English by Mourad Belhaj
