A whistleblower alleges that Twitter Inc. had serious security vulnerabilities on its platform and that its executives weren’t incentivized to reduce spam activity, according to reports from CNN and The Washington Post Tuesday.
The publications discussed a complaint filed by Peiter “Mudge” Zatko, Twitter’s
former head of security, which was sent to Congress in July. In the documents, Zatko charged that Twitter allowed too many employees to access the service’s central controls and operated servers that were running out-of-date software, according to the reports.
Additionally, the disclosures said that Twitter executives able to obtain bonuses linked to increases in the company’s count of daily active users but that they didn’t have explicit incentives to reduce spam or bot activity on the platform, according to the Washington Post. CNN highlighted that Zatko said Twitter “had no appetite to properly measure the prevalence of bots.”
The bot commentary comes as Tesla Inc.
Chief Executive Elon Musk seeks to terminate his agreement to buy Twitter for $44 billion. Musk contends that Twitter hasn’t been accurate with its public disclosures about the prevalence of bot activity on the service. Twitter has asked a judge to make Musk go through with the deal, and the matter is due for an October trial.
The CNN story quoted Musk lawyer Alex Spiro, who said that Musk’s team had already issued a subpoena to Zatko and was “curious” about his exit from the company.
A Twitter spokesperson said in a statement to MarketWatch that Zatko was ousted for performance reasons and that his accounts were inaccurate.
“Mr. Zatko was fired from his senior executive role at Twitter in January 2022 for ineffective leadership and poor performance,” the spokesperson said. “What we’ve seen so far is a false narrative about Twitter and our privacy and data security practices that is riddled with inconsistencies and inaccuracies and lacks important context. Mr. Zatko’s allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers and its shareholders. Security and privacy have long been company-wide priorities at Twitter and will continue to be.”
The commentary from Zatko caught the attention of at least one member of Congress, with Sen. Richard Blumenthal, a Connecticut Democrat, calling on the Federal Trade Commission to investigate whether Twitter breached a prior consent decree or violated consumer-protection laws.
“These troubling disclosures paint the picture of a company that has consistently and repeatedly prioritized profits over the safety of its users and its responsibility to the public, as Twitter executives appeared to ignore or hinder efforts to address threats to user security and privacy,” Blumenthal said in a release.
Shares of Twitter were off 5% in afternoon trading Tuesday.