Lawmakers Raise Serious Concerns About Twitter Whistleblower's Disclosure Amid Congress Probe

KEY POINTS
- Zatko alleged Twitter had inadequate security measures
- The former employee said company executives didn't have the resources to determine the exact number of bot accounts
- A Congress committee has launched an investigation into Zatko's revelations

After former Twitter employee Peiter Zatko accused the social media platform of underplaying spam issues and misleading investors in a whistleblower complaint, U.S. lawmakers have said they are taking the allegations seriously. A Congress committee has launched an investigation into Zatko's revelations.
Reports said the former security head's disclosure was sent to Congress and federal agencies in July. In the disclosure, obtained exclusively by CNN and The Washington Post, Zatko alleged that Twitter's cybersecurity defenses were poor and the company executives did not have the tools or resources necessary to understand the actual number of bot accounts on the platform – an issue raised by Tesla CEO Elon Musk since he announced last month his plans to end an agreement to purchase the social media platform for $44 billion.
Twitter's former cybersecurity chief alleges the company is reckless and negligent and warns of grave threats to national security and democracy https://t.co/5qm0H7lM5w
— CNN Breaking News (@cnnbrk) August 23, 2022
U.S. officials have since spoken up about the issue, with Rep. Frank Pallone, D-N.J., stating he is "carefully reviewing this whistleblower disclosure and assessing next steps." Pallone said Zatko's allegations were "alarming."
As Chairman of @EnergyCommerce, I'm carefully reviewing this whistleblower disclosure and assessing next steps. These allegations are alarming and reaffirm the need to pass my comprehensive privacy legislation to protect Americans’ online data. #ADPPA https://t.co/oEfOwaQSuX
— Rep. Frank Pallone (@FrankPallone) August 23, 2022
Sen. Edward "Ed" Markey, D-Mass., wrote a letter Tuesday to the Federal Trade Commission (FTC), urging the agency to launch an investigation into Zatko's claims. In his letter, Markey said he hopes the FTC will "hold Twitter accountable for any illegal activity, and protect the data of Twitter's users."
In a statement on the matter, Rep. Bennie Thompson, D-Miss., said the new revelations raise critical questions about "Twitter's commitment to securing user data," Politico reported. Thompson, who is the chairman of the House Homeland Security Committee, said there was also concern about how possible security and user data issues at Twitter will affect the midterm elections.
Rep. John Katko, R-N.Y., echoed the sentiments of other officials. In an email to Politico, the congressman said the claims "could have serious national security, privacy and election security implications."
Sen. Richard Durbin, D-Ill., said he was investigating the matter and will "take further steps as needed to get to the bottom of these alarming allegations." Durbin is chair of the Senate Judiciary Committee.
The whistleblower’s allegations of widespread security failures at Twitter, willful misrepresentations by top executives to government agencies, and penetration of the company by foreign intelligence raise serious concerns. https://t.co/9QQtlDSogr
— Senator Dick Durbin (@SenatorDurbin) August 23, 2022
If these claims are accurate, they may show dangerous data privacy & security risks for Twitter users around the world. As Chair of @JudiciaryDems, I will continue investigating this issue and take further steps as needed to get to the bottom of these alarming allegations.
— Senator Dick Durbin (@SenatorDurbin) August 23, 2022
CNN and The Post, which obtained Zatko's disclosure, reported that Zatko, also known as "Mudge," further detailed how Twitter's leadership allegedly misled its board of directors and tech regulators about vulnerabilities within the platform's security system.
Zatko alleged Twitter does not have a reliable process for deleting user data when someone opts to cancel their account. The former security chief added that he was fired in January after he attempted to inform Twitter about its security lapses. Twitter said at the time that Zatko was removed because of poor performance, CNN reported.
Twitter CEO Parag Agrawal defended the company in an email to employees after a former executive claimed the social network ignored major security vulnerabilities. Read the email https://t.co/SnUbDbeDRh
— Bloomberg Markets (@markets) August 24, 2022
In an internal email sent to employees, Twitter CEO Parag Agrawal said Zatko's revelations were "a false narrative that is riddled with inconsistencies and inaccuracies, and presented without important context." Agrawal added that Twitter "will pursue all paths to defend our integrity as a company and set the record straight" regarding Zatko's claims.
#BREAK A former Twitter executive, its head of security, has turned whistleblower.
He alleges grave security problems at the company that he says are a risk to national security and democracy.
His first TV interview here: https://t.co/QU823RBnN1 pic.twitter.com/krh7WVOrhe
— Donie O'Sullivan (@donie) August 23, 2022
In an interview with CNN correspondent Donie O'Sullivan, Zatko said "large tech companies need to know what the risks are" and should have the desire to fix security risks.
© Copyright IBTimes 2024. All rights reserved.