Former Twitter security chief files whistleblower complaints

The Twitter application is seen on a digital device, Monday, April 25, 2022, in San Diego. A former head of security at Twitter has filed whistleblower complaints with U.S. officials, Tuesday, Aug. 23, 2022, alleging that the company misled regulators about its cybersecurity defenses and its problems with fake accounts, according to reports by the Washington Post and CNN. Peiter Zatko, Twitter’s security chief until he was fired early this year, filed the complaints last month with the U.S. Securities and Exchange Commission, the Federal Trade Commission and the Department of Justice. Credit: AP Photo/Gregory Bull, File

A former head of security at Twitter has filed whistleblower complaints with U.S. officials, alleging that the company misled regulators about its cybersecurity defenses and its problems with fake accounts, according to reports by The Washington Post and CNN.

Peiter Zatko, Twitter’s security chief until he was fired early this year, filed the complaints last month with the U.S. Securities and Exchange Commission, the Federal Trade Commission and the Department of Justice.

The Post, which obtained the complaint, reported that among the most serious accusations is that Twitter violated the terms of an FTC settlement by falsely claiming that it had a strong security plan.

Zatko also accuses the company of deceptions involving its handling of “spam” or fake accounts, an allegation that is at the core of the attempted withdrawal of a $44 billion takeover bid for Twitter by billionaire Elon Musk.

Shares of Twitter Inc. slid 4% Tuesday.

Zatko didn’t immediately respond to a request for comment Tuesday but told the Post he “felt ethically bound” to come forward.

Zatko, better known as Mudge, is a highly respected cybersecurity expert who first gained prominence in the 1990s and later worked in senior positions at the Pentagon’s Defense Advanced Research Agency and Google. He joined Twitter at the urging of then-CEO Jack Dorsey in late 2020, the same year the company suffered an embarrassing security breach involving hackers who broke into the Twitter accounts of world leaders, celebrities and tech moguls, including Musk, in an attempt to scam their followers out of Bitcoin.

Twitter said in a prepared statement Tuesday that Zatko was fired for “ineffective leadership and poor performance” and that the “allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers and its shareholders.”

“What we’ve seen so far is a false narrative about Twitter and our privacy and data security practices that is riddled with inconsistencies and inaccuracies and lacks important context,” the company said.

The legal nonprofit Whistleblower Aid, which is representing Zatko, confirmed the authenticity of the document Tuesday, but said it is legally precluded from sharing it. The same group worked with former Facebook employee Frances Haugen, who testified to Congress last year after leaking internal documents and accusing the social media giant of choosing profit over safety.

A spokesperson for the U.S. Senate’s intelligence committee, Rachel Cohen, said the committee has received Zatko’s complaint and “is in the process of setting up a meeting to discuss the allegations in further detail. We take this matter seriously.”

Sen. Dick Durbin, an Illinois Democrat, said in a prepared statement that if the claims are accurate, “they may show dangerous data privacy and security risks for Twitter users around the world.”

Among the most alarming complaints is Zatko’s allegation that Twitter knowingly allowed the Indian government to place its agents on the company payroll where they had “direct unsupervised access to the company’s systems and user data.”

A 2011 FTC complaint noted that Twitter’s systems were full of highly sensitive data that could allow a hostile government to find precise geo-location data for a specific user or group and target them for violence or arrest. Earlier this month, a former Twitter employee was found guilty after a trial in California of passing along sensitive Twitter user data to royal family members in Saudi Arabia in exchange for bribes.

The complaint said Twitter was also heavily reliant on funding by Chinese entities and that there were concerns within Twitter that the company was providing information to those entities that would enable them to learn the identify and sensitive information of Chinese users who secretly use Twitter, which is officially banned in China.

Zatko also describes “deliberate ignorance” by Twitter executives on counting the millions of accounts that are automated “spam bots” or otherwise have no value to advertisers because there is no person behind them.

Alex Spiro, an attorney representing Musk in his effort to back out of the deal to buy Twitter, said lawyers have issued a subpoena for Zatko. “We found his exit and that of other key employees curious in light of what we have been finding,” Spiro wrote in an email Tuesday.


Musk says Twitter deal could move ahead with ‘bot’ info


© 2022 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without permission.

Citation:
Former Twitter security chief files whistleblower complaints (2022, August 23)
retrieved 23 August 2022
from https://techxplore.com/news/2022-08-twitter-chief-whistleblower-complaints.html

This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no
part may be reproduced without the written permission. The content is provided for information purposes only.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.