www.nbcnews.com
Twitter whistleblower alleges major security issues and says company misled public
Twitter’s former head of cybersecurity has accused the company of a number of egregious security flaws and oversights, according to a whistleblower complaint
Business
Twitter’s former head of cybersecurity has accused the company of a number of egregious security flaws and oversights, according to a whistleblower complaint filed with the U.S. government this year.
The complaint, first published by The Washington Post and CNN, makes a wide range of damning claims about Twitter, including that members of the company’s board of directors misled the public and government agencies about the company’s security. The former security chief alleged in the complaint that he was told to withhold a major security report from Twitter’s board and to write misleading security documents.
Peiter “Mudge” Zatko, a veteran cybersecurity expert widely respected in the industry, filed the complaint with the Securities and Exchange Commission, Federal Trade Commission and the Department of Justice in July. Whistleblower Aid, a nonprofit that provides legal assistance to whistleblowers, confirmed the complaint’s authenticity.
Twitter CEO Parag Agrawal fired Zatko and another top security official in a shakeup of that department in January.
In a statement in response to the whistleblower complaint, a Twitter spokesperson called Zatko’s account “a false narrative” and said Zatko was fired because he displayed “ineffective leadership and poor performance.” It also said his allegations about Twitter’s security was “riddled with inconsistencies and inaccuracies and lacks important context.”