
Twitter whistleblower alleges execs misled board and public on spam, security

Peiter Zatko, who is also referred to as Mudge, poses for a portrait on Monday, August 22, 2022, in Washington, DC.

Matt McClain | The Washington Post | Getty Images

A Twitter whistleblower is alleging “extreme, egregious deficiencies by Twitter” related to privacy, security and content moderation, according to complaints filed with the Securities and Exchange Commission, Federal Trade Commission and Department of Justice.

The complaints, obtained by CNBC, were filed by the nonprofit legal organization Whistleblower Aid, which is representing Twitter’s former head of security, Peiter “Mudge” Zatko. Whistleblower Aid, which also represented Facebook whistleblower Frances Haugen, verified the authenticity of the documents with CNBC.

Shares of Twitter were down more than 5% in morning trading.

In a complaint to the SEC, Zatko alleges he “witnessed senior executive participating in deceitful and/or misleading communications affecting Board members, users and shareholders” on multiple occasions in 2021, when CEO Parag Agrawal asked Zatko to supply false and misleading documents.

The news was initially reported by The Washington Post and CNN.

Parag Agrawal, CEO of Twitter, and his wife Vineeta Agarwal, walk to a morning session during the Allen & Company Sun Valley Conference on July 07, 2022 in Sun Valley, Idaho.

Kevin Dietsch | Getty Images News | Getty Images

According to the whistleblower documents, in his final report for Twitter after he was terminated, Zatko charged that the company didn’t accurately represent four key issues to the board: out-of-date software that lacked basic security measures, “Gross problems” in who could access or control systems and data, problematic internal processes and a “volume and frequency of security incidents impacting a lot of users’ data that’s frankly stunning.”

Zatko alleged in the report that over fifty percent of Twitter’s 500,000 servers were running out-of-date software and that more than a quarter of employee computers had disabled software updates that may provide important security patches. He said Twitter’s alleged practice of granting broad access to the platform’s production environment was “unusual in an organization this and need for Twitter, where almost all employees get access to systems or data they ought to not.”

If government regulators were to find that Twitter misled consumers about its security protocols, that could be considered a violation of its 2011 agreement with the FTC. At that time, Twitter was barred for 20 years from misleading consumers about how it protects their security and personal information. The agreement also required Twitter to create and maintain a thorough information security program to be evaluated by an independent auditor for 10 years.

A spokesperson for the Senate Select Committee on Intelligence said in a statement that the panel has also received the complaint “and is along the way of establishing a meeting to go over the allegations in further detail. We take this matter seriously.”

The whistleblower complaint mentions misrepresentations by Twitter to Elon Musk, who is locked in a legal battle seeking to back out of a deal to acquire the social media company, regarding the Tesla CEO’s “doubts on the accuracy of Twitter’s claim in legal findings that <5% of accounts are ‘bots,’ or automated spam accounts.”

An attorney representing Zatko said the former Twitter employee has had no connection with Musk, who in July said he was withdrawing his $44 billion bid to acquire the company.

“We’ve already issued a subpoena for Mr. Zatko, and we found his exit and that of other key employees curious in light of what we’ve been finding,” Musk attorney Alex Spiro of Quinn Emanuel told CNBC.

Musk and Twitter will meet in court in October, when Delaware Court of Chancery Chancellor Kathaleen McCormick will determine whether Musk remains on the hook to acquire the company.

Zatko alleges a tweet by CEO Agrawal on May 16, which said the company is “strongly incentivized to detect and remove just as much spam once we possibly can, each day” was “a lie.” He said Twitter executives aren’t incentivized to detect bots and “senior management had no appetite to properly gauge the prevalence of bot accounts” because “if accurate measurements ever became public, it could harm the image and valuation of the business.”

Zatko further alleged that the company didn’t have proper security controls in place. According to The Washington Post, about 7,000 Twitter employees had “wide usage of the business’s internal software and that access had not been closely monitored.”

In a memo to staff posted to Twitter by CNN correspondent Donie O’Sullivan, Agrawal described Zatko as “a former Twitter executive who was simply terminated in January 2022 for ineffective leadership and poor performance.”

“We have been reviewing the redacted claims which have been published, but what we’ve seen up to now is really a false narrative that’s riddled with inconsistencies and inaccuracies, and presented without important context,” Agrawal wrote, according to CNN. A Twitter spokesperson didn’t immediately respond to CNBC regarding the reported memo.

“Given the spotlight on Twitter right now, we are able to assume that people will continue steadily to see more headlines in the coming days this can only make our work harder,” Agrawal said. “I understand that of you have a large amount of pride in the task we do together and in the values that guide us. We shall pursue all paths to guard our integrity as an organization and set the record straight.”

Read more from the Washington Post and CNN.
