Twitter gets accused for cyber security negligence 

Twitter gets accused of cyber security negligence 

A former head of security at Twitter filed whistleblower complaints with U.S. officials on Tuesday, Aug. 23, 2022, and has alleged that the company has misled regulators about its cyber security defenses and its problems with fake accounts.

Twitter's security chief who was fired earlier this year, filed the complaints last month with the US Security exchange commission, the Federal Trade Commission, and the Department of Justice.

Twitter and its misleading agendas

The former head of security of Twitter recently alleged the social media company had misled regulators about its poor cybersecurity defenses and its negligence in attempting to root out fake accounts that spread disinformation.

This revelation that has come up might create some serious and legal problems for the social media platform, which is currently also forcing Tesla owner Elon Musk to give $44 billion for simply hyping to buy the company.

Peter Zatko was fired from his position as Twitter’s security chief last year but he filed the complaints last month with the U.S. Securities and Exchange Commission, the Federal Trade Commission, and the Department of Justice.

The legal nonprofit Whistleblower, which is working with Zatko, confirmed the authenticity of a redacted copy of the complaint posted online by the Washington Post.

“This was the last resort for him,” said John Tye, the group's co-founder and chief disclosure officer, in an interview Tuesday. He said Zatko exhausted all attempts to get his concerns resolved inside the company before his firing in January.

The former security chief. Accused Twitter of violating the terms of a 2011 FTC settlement by falsely claiming that it had put stronger measures in place to protect the security and privacy of its users. He also accused the company of deceptions involving its handling of “spam" or fake accounts, an allegation that is at the core of Musk's attempt to back out of the Twitter takeover.

Also Read: Elon Musk drags the CEO of Twitter and his longtime friend Jack Dorsey in a $44 billion legal case 

Add Block

A little about Peter Zatko, who has created the controversy 

Better known by his hacker handle “Mudge,” Zatko is a highly respected cybersecurity expert who first gained prominence in the 1990s and later worked in senior positions at the Pentagon’s Defense Advanced Research Agency and Google.

He joined the social media platform Twitter after CEO Jack Dorsey had urged him to do so in late 2020, and in the same year, the company suffered an embarrassing security breach involving hackers who broke into the Twitter accounts of world leaders, celebrities, and tech moguls, including Elon Musk, in an attempt to scam their followers out of bitcoin.

Twitter released a statement revealing that Zatko was fired for “ineffective leadership and poor performance” and said the “allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers, and its shareholders.”

The company also called his complaint “a false narrative” that is “riddled with inconsistencies and inaccuracies and lacks important context.”Zatko’s attorneys said Twitter's claim about his poor performance is false and that he repeatedly raised concerns about “grossly inadequate information security systems” with top executives and Twitter's board of directors.

The social media platform that lacks security 

The 84-page long complaint describes a broken corporate culture at Twitter that lacked effective leadership and where Zatko said top executives practiced “deliberate ignorance” of pressing problems. His description of Dorsey’s leadership style is particularly scathing; he described the Twitter founder as “extremely disengaged” during the last months of his tenure as CEO to the point where he would not even speak during meetings on complex issues facing the company.

The disclosure also reveals that Twitter offered no monetary incentives for improving security and platform integrity, although the company did offer $10 million bonuses last year for top executives who could generate short-term user growth.

Zatko’s accusations of cybersecurity malpractice include Software and security updates that were disabled on more than a third of employees’ computers which unduly exposed them to malware and it was common for people to install “whatever software they wanted on their work systems.” 

According to Whistleblower Aid, disseminating Zatko's testimony is illegal. Frances Hauger, a former employee of Facebook, testified before Congress last year after releasing internal papers and charged the social media with putting business before users who were members of the same organization.

A spokesperson for the U.S. Senate's intelligence committee, Rachel Cohen, said the committee has received Zatko's complaint and is working on setting up a meeting "to discuss the allegations in further detail. We take this matter seriously.”