Twitter has significant security issues that put personal user data and potentially national security at risk, according to a former corporate executive-turned-whistleblower.
According to a disclosure sent to the US Congress and federal agencies last month and obtained by CNN and the Washington Post, Twitter’s former security chief claims the company gives too many people access to the platform’s central controls and some sensitive information.
Peiter ‘Mudge’ Zatko, who was fired from Twitter in January, has claimed that some of his senior staff have attempted to cover up serious security flaws and that one or more current employees may work for a foreign intelligence agency.
Mr Zatko’s disclosure reportedly alleges that Twitter executives have misled their own board and US regulators about security flaws and that the platform could be vulnerable to foreign interference or espionage and hacking.
The allegations include poor basic security practices, allowing thousands of employees to access the platform’s sensitive central controls, and a lack of transparency into who accessed what data and when.
Additionally, the disclosure claims that Twitter is unable to fully calculate the true number of bot or fake accounts on the platform — a problem that has fueled, and become a key issue in, billionaire Elon Musk’s protracted and now-stalled takeover, which is currently heading towards trial in the US in October.
Mr. Zatko’s attorney told CNN that the whistleblower had no contact with Mr. Musk and that Mr. Zatko began the whistleblowing process before Mr. Musk’s attempts to buy the platform became known.
The disclosure also alleges the US government provided Twitter with concrete evidence shortly before Mr Zatko left the company that at least one of his employees worked for another country’s intelligence agency.
Mr Zatko said he tried to address the alleged security vulnerabilities with the Twitter board and claims his public whistleblowing comes after those attempts failed.
Twitter denied Mr Zatko’s account of the firm’s practices.
“Mr. Zatko was fired from his senior position at Twitter in January 2022 for ineffective leadership and poor performance,” a Twitter spokesman said.
“What we’ve seen so far is a false narrative about Twitter and our privacy and data security practices that is riddled with inconsistencies and inaccuracies… Mr. Zatko’s claims and his opportunistic timing appear designed to attract attention and cause harm to Twitter, its customers and its shareholders.”
“Security and privacy have long been, and will continue to be, company-wide priorities at Twitter.”
https://www.independent.ie/news/twitter-accused-of-serious-security-breaches-by-whistleblower-41933102.html Whistleblowers have accused Twitter of serious security breaches