Former Twitter Security Chief Blows Whistle on ‘Egregious Deficiencies’ in User Privacy and Fighting Bots

Former Twitter security boss Peiter Zatko (The Washington Post/Getty)

Former Twitter security chief Peiter ‘Mudge’ Zatko has come forward with a shocking whistleblower complaint alleging that the company purposefully misled regulators about poor security and spam. In the complaint filed with the SEC, DOJ, and FTC, Zatko contends that the company lacks basic security practices and prioritizes user growth above all else, claiming CEO Parag Agrawal is “lying” when he claims to fight spam.

The Washington Post reports that Twitter’s former head of security, Peiter Zatko, a widely known hacker who went by the screen name “Mudge,” has come forward with a whistleblower complaint alleging that the company’s management misled federal regulators and the company’s board of directors about “extreme, egregious deficiencies.” Zatko was fired by Twitter in January, just months after Jack Dorsey stepped down as CEO.


Twitter CEO Parag Agrawal (Google Cloud/YouTube)

Jack Dorsey at Bitcoin conference (Joe Raedle/Getty)

Zatko depicts Twitter as a chaotic and directionless company plagued by infighting and unable to protect its users. One of the most serious allegations is that the company violated the terms of an 11-year-old settlement with the Federal Trade Commission by falsely claiming that it had a solid and defined security plan.

Zatko claims that he warned colleagues that half the company’s servers were operating on out-of-date and vulnerable software with multiple security bugs. Zatko alleges that executives withheld important facts about the number of breaches the company faces and the lack of protection of user data, instead showing directors charts measuring unimportant changes and positive metrics.

Zatko filed the whistleblower complaint last month with the Securities and Exchange Commission and the Department of Justice as well as the FTC. He claims that thousands of employees still had wide-ranging and poorly tracked internal access to core company software, leading to years of embarrassing hacks.

He further alleges that the company prioritizes user growth over reducing spam and that executives could win individual bonuses up to $10 million by increasing daily users. Zatko further claimed that company CEO Parag Agrawal was “lying” when he tweeted in May that the company was “strongly incentivized to detect and remove as much spam as we possibly can.”

Zatko explained his decision to come forward, stating: “I felt ethically bound. This is not a light step to take.”

Read more at the Washington Post here.

Lucas Nolan is a reporter for Breitbart News covering issues of free speech and online censorship. Follow him on Twitter @LucasNolan



