Twitter has misled US regulators over hacking and spam, a whistleblower says

Twitter Inc. misled federal regulators about its defenses against hackers and spam accounts, the social media company’s former security chief Peiter Zatko said in a whistleblower complaint.

In an 84-page complaint, Zatko, a famous hacker widely known as “Mudge,” claimed Twitter falsely claimed it had a sound security plan, according to documents provided by congressional investigators. Twitter’s shares fell 7.3 percent to close at $39.86.

The document claims Twitter has prioritized user growth over spam reduction, with executives eligible to win individual bonuses of up to $10 million tied to daily user growth, and nothing explicitly for the reduction of spam.

Twitter called the complaint “false narrative”. The social media company has fought Elon Musk in court after the world’s richest person tried to pull out of a $44 billion deal to buy Twitter. Musk said it didn’t disclose the proliferation of bot and spam accounts.

Tesla Inc. CEO Musk had offered to buy Twitter for $54.20 a share, saying he believed it could be a global platform for free speech.

Twitter and Musk have sued each other, with Twitter asking a judge in the Delaware Court of Chancery to order Musk to complete the deal. A trial is scheduled for October 17.

Zatko filed the complaint with the US Securities and Exchange Commission and the Department of Justice and the Federal Trade Commission (FTC) last month. The complaint was also sent to congressional committees.

“We are reviewing the redacted claims that have been released, but what we have seen so far is a misrepresentation fraught with contradictions and inaccuracies,” Twitter chief executive Parag Agrawal told staffers in a memo.

Senate Judiciary Committee Chief Republican Chuck Grassley said the complaint raises serious national security concerns and privacy issues and needs to be investigated.

“Take a technology platform that collects massive amounts of user data, combine it with what appears to be incredibly weak security infrastructure, and add in foreign state actors with an agenda, and you have a recipe for disaster,” he said.

The FTC declined to comment. A spokesman for the Senate Intelligence Committee said it had received the complaint and was organizing a meeting to discuss the allegation.

Twitter’s real regulatory risk lies in whether the documentary evidence demonstrates “knowing or recklessly misleading” investors or regulators, said Howard Fischer, a partner at Moses & Singer and a former SEC attorney.

Musk could not be reached for comment, but responded on Twitter with robot memes and emojis. Musk’s legal team subpoenaed Zatko, CNN reported after the whistleblower’s disclosure was made public.

American hackers have admired Zatko since the 1990s, when he was credited with inventing a password-cracking tool. He later used his hacking skills to become a sought-after security consultant, moving into top government and boardroom positions alongside other rebellious techies of the era.

The whistleblower document says that after the Jan. 6 riots, the new Biden administration offered him “a first-day appointed position as chief information security officer for the United States,” which he declined.

Cybersecurity leaders expressed broad support for Zatko, and many deplored Twitter’s response to his revelations.

Robert Lee, founder of industrial cybersecurity company Dragos, said it was “one of those very rare instances where I don’t even need to know a detail to form an opinion,” he said on Twitter. “If Mudge makes that kind of claim, it deserves an investigation.”

In January, Twitter announced that Zatko was no longer the chief of security, two years after being named chief of security.

On Tuesday, a Twitter spokesperson said Zatko was fired for “ineffective leadership and poor performance,” adding his allegations appeared designed to attract attention and harm Twitter, its customers and its shareholders.

Debra Katz and Alexis Ronickher, attorneys for Zatko, said in a statement that during his tenure at Twitter, he repeatedly raised concerns about inadequate information security systems to the company’s board, CEO and board of directors. Twitter did not respond to a request for comment on the statement. Twitter has misled US regulators over hacking and spam, a whistleblower says

Fry Electronics Team

Fry is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – The content will be deleted within 24 hours.

Related Articles

Back to top button