Whistle-Blower Says Twitter ‘Chose to Mislead’ on Security Flaws
Twitter’s former top security official, who has accused the company of misrepresenting its security practices, told lawmakers at a hearing on Tuesday that the site had put user data at risk and exposed its inner workings to possible foreign agents, adding to the embattled social media service’s woes.
Peiter Zatko, who was Twitter’s top security official before he was fired in January, said that the company was notified during his tenure that “there was at least one agent” of a Chinese intelligence service “on the payroll inside Twitter.” He added that Twitter’s executives “chose to mislead its board, shareholders, lawmakers and the public” about its security flaws instead of fixing them.
Last month, a whistle-blower complaint that Mr. Zatko had filed with federal regulators became public. In it, he accused the company of failing to guard against attacks and spam and lying about its efforts.
Members of the Senate Judiciary Committee, which convened the Tuesday hearing, expressed concerns about Mr. Zatko’s allegations. “Twitter has a responsibility to ensure that the data is protected and doesn’t fall into the hands of foreign powers,” said Senator Chuck Grassley of Iowa, the top Republican on the committee.
Mr. Zatko’s testimony adds to the turmoil engulfing Twitter. The social media service has been embroiled in a fight for its survival with Elon Musk, the Tesla founder who agreed to buy Twitter for $44 billion in April before trying to back out of the deal. The company has insisted the purchase go forward and has sued Mr. Musk, with a trial over the case set for next month. Later on Tuesday, Twitter’s shareholders are expected to vote to approve the deal.
Mr. Zatko’s accusations have become entangled in Mr. Musk’s and Twitter’s battle over the fate of the company. Mr. Musk’s lawyers have seized on Mr. Zatko’s statements to support their argument that Twitter misled the billionaire about the volume of spam accounts on the service.
Mr. Musk has claimed that he should be able to abandon the Twitter acquisition because the company downplayed the number of fraudulent accounts on the service. Mr. Zatko said in his complaint that Parag Agrawal, Twitter’s chief executive, had misled Mr. Musk after the billionaire made his concerns known.
At the hearing, Mr. Grassley said Mr. Agrawal had “rejected this committee’s invitation by claiming that it would jeopardize Twitter’s ongoing litigation with Mr. Musk.”
“Many of the allegations directly implicate Mr. Agrawal and he should be here to address them,” Mr. Grassley added.
This is a developing story and will be updated.
Kate Conger contributed reporting.