Twitter’s board has been covering up its ‘extreme, egregious deficiencies’ that make it a huge risk to national security and democracy, and executives have no idea how many bots are on the platform, a whistleblower has claimed.
‘Ethical hacker’ Peiter ‘Mudge’ Zatko, the social media firm’s former head of security, made the bombshell disclosure to Congress and federal agencies last month.
He claimed the tech giant is completely mismanaged with thousands of staff given access to central controls and the most sensitive information without adequate oversight, CNN reported.
Zatko, who reported directly to the CEO, said senior executives have been covering up the platform’s biggest vulnerabilities, and even claimed one or multiple employees could be working for foreign intelligence services.
The whistleblower said bosses have misled the board and regulators about its security flaws that have made it susceptible to hacking, manipulation and disinformation.
In claims that will bolster Elon Musk’s legal bid, Zatko also said Twitter chiefs do not have the resources to know how many bots are on the site.
Mudge is pictured testifying before the Senate Governmental Affairs hearing on government computer security in 1998
The Tesla CEO claimed the platform has not been truthful about the number of bots and fake accounts among its 238 million daily active users, and subsequently backed out of his $44 billion takeover deal.
Zatko, who previously worked at Google and the Department of Defense, also alleged that Twitter does not reliably delete user data after an account is cancelled, often because staff have lost track of it.
The disclosure describes his overall findings as ‘egregious deficiencies, negligence, willful ignorance, and threats to national security and democracy.’
His colorful career began in the 1990s, when he simultaneously conducted classified work for a government contractor and was among the leaders of Cult of the Dead Cow, a hacking group notorious for releasing Windows hacking tools in order to goad Microsoft into improving security.
He was appointed to Twitter to recommend changes in structure and practices to bolster its security after a series of damaging compromises that saw users including Barack Obama, Joe Biden and Elon Musk hacked.
He said at the time he would examine ‘information security, site integrity, physical security, platform integrity – which starts to touch on abuse and manipulation of the platform – and engineering.’
He was fired in January for what the company claimed was poor performance, but what he said was retaliation.
The tech wizard said he tried to flag the security lapses to the board before he went public.
Twitter told CNN: ‘Mr. Zatko was fired from his senior executive role at Twitter for poor performance and ineffective leadership over six months ago.
‘While we haven’t had access to the specific allegations being referenced, what we’ve seen so far is a narrative about our privacy and data security practices that is riddled with inconsistencies and inaccuracies, and lacks important context.
‘Mr. Zatko’s allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers and its shareholders. Security and privacy have long been company-wide priorities at Twitter and we still have a lot of work ahead of us.’
According to his disclosure, Zatko had a tense relationship with Twitter CEO Parag Agrawal, who took over from Jack Dorsey in November.
He claimed Agrawal and his staff constantly discouraged him from giving a full account of the security problems to the board, instead instructing him to give an oral report on his findings.
The whistleblower also said he was ordered to present cherry-picked data to give a false impression of progress, and that they then went behind his back to scrub a consulting firm’s report and hide the extent of the problems.
Zatko claimed Dorsey was more amenable to his recommendations than Agrawal but he became less engaged in his final months at the tech giant.
The disclosure of more than 200 pages was sent to the Securities and Exchange Commission, the Federal Trade Commission, the Senate Intelligence Committee and the Department of Justice last month.
A copy has now been seen by CNN after it was passed on by a senior Democratic aide.