September 14, 2022 – Twitter’s former security chief turned whistleblower, Peiter Zatko, appeared on Tuesday before US lawmakers to give testimony following his complaint about vulnerabilities in the security infrastructure at the popular social networking platform.
Zatko, who was fired by the company in January, claimed in front of the Senate Judiciary Committee that Twitter staff have excessive access to sensitive data and levelled allegations of inadequate security measures to protect user data and privacy. He also criticised the company’s security standards, saying “half the company” comprised engineers who had access to the personal information of users. Around 4,000 employees likely have access to this data and Twitter does not log their sensitive activities, Zatko said.
According to Zatko, Twitter showed a dismissive attitude towards the issues he raised regarding national security, and the fines imposed on the company by regulators “didn’t bother Twitter at all”.
The whistleblower alleged that, despite warnings of possible spies at the firm, Twitter failed to identify and eliminate agents and curb the threats posed by foreign intelligence interventions. The company lacks the resources and motivation to do so, he added.
Zatko, who had earlier claimed that Twitter had hired an Indian government agent, said that a week before he was fired, Twitter received a warning from the Federal Bureau of Investigation (FBI) regarding the possible presence of one or more Chinese spies.
Zatko filed his complaint with the US Securities and Exchange Commission (SEC), Department of Justice (DOJ) and the Federal Trade Commission (FTC) in July. The complaint was later published by The Washington Post and CNN on August 23, sparking an intense debate about Twitter’s handling of personal user data, privacy measures, and unprotected information systems.
Prior to the testimony, the lawmakers had sent a series of questions to Twitter CEO Parag Agrawal, seeking information about how Twitter protects personal user data and deals with internal threats and foreign intelligence operatives, as well as about Zatko’s allegations that the company deliberately misled the regulators about the protection of users’ privacy on the social networking platform.
Agrawal was also invited to testify alongside the whistleblower, but Twitter declined the invitation.