Former Twitter security chief Peiter Zatko accuses the social network of “serious and shocking failures” and of lying about its fight against fake accounts.
Presenting himself as a whistleblower, Twitter's former security chief accuses the social network of having concealed vulnerabilities in its protection system and of having lied about its fight against fake accounts, an issue at the heart of its legal dispute with Elon Musk.
In an 84-page document addressed last month to several American authorities and revealed Tuesday by the “Washington Post” and CNN, Peiter Zatko denounces “serious and shocking failures, willful ignorance and threats to national security and to democracy”.
Peiter Zatko cites in particular obsolete servers and software vulnerable to computer attacks, and asserts that Twitter's leaders sought to hide the number of hacking attempts from the American authorities as well as from the members of the board of directors.
Twitter rejects the charges and maintains that security and data protection are among its priorities. The complaint is “riddled with inconsistencies and vagueness”, says the social network in a message to AFP. The company is also directly attacking its former manager, accusing him of having chosen “an opportune moment” to “draw attention” and “damage Twitter, its customers and its shareholders”.
Along with the accusations of security failures, Peiter Zatko asserts that the company has consistently prioritized the growth of its number of users over the fight against spam and bots. In particular, he describes as a lie a tweet published in May by the platform’s boss, Parag Agrawal, assuring that Twitter was doing everything to detect and remove spam as quickly as possible.
However, this question is at the heart of the legal battle between Twitter and Elon Musk, the billionaire having repeatedly accused the company of minimizing the proportion of fake accounts and spam, estimated at 5% by the platform. Elon Musk is counting on this argument to justify abandoning his plan to buy Twitter for $44 billion and avoid paying severance pay.
“We have already subpoenaed Peiter Zatko and we find his dismissal and that of other key employees strange in light of what we have discovered,” said Alex Spiro, one of Elon Musk’s attorneys, in a statement emailed to AFP. The entrepreneur, for his part, reacted by posting, on Twitter, a drawing of the cartoon character Jiminy Cricket whistling, an allusion to the English word designating whistleblowers.
A former hacker known by the nickname “Mudge”, Peiter Zatko was hired at the end of 2020 by the co-founder and ex-boss of Twitter, Jack Dorsey, after the hacking of the accounts of many personalities (Joe Biden, Barack Obama, Elon Musk, Jeff Bezos, Kim Kardashian, etc.).
According to Twitter, he was fired due to “ineffective leadership and poor performance.” “False”, answer his lawyers: he was fired “just two weeks” after a confrontation with Parag Agrawal on security issues.
He is being helped in his efforts by Whistleblower Aid, an association for the protection of whistleblowers, which has already defended Frances Haugen, a former computer scientist from Facebook whose revelations had tarnished the reputation of the social networking giant last fall.
According to the “Washington Post” and CNN, congressional representatives wish to speak with Peiter Zatko. “If these accusations are true, they may raise fears of data protection and security risks for Twitter users around the world,” influential Democratic Senator Dick Durbin said in a statement.