Recently, former Twitter security chief Peiter ‘Mudge’ Zatko has come forward with a shocking whistleblower complaint alleging that the company purposefully misled regulators about poor security and spam. Here are his key claims.
Breitbart News recently reported that Twitter’s former head of security, Peiter Zatko, a widely known hacker who went by the screen name “Mudge,” has come forward with a whistleblower complaint alleging that the company’s management misled federal regulators and the company’s board of directors about “extreme, egregious deficiencies.” Zatko was fired by Twitter in January, just months after Jack Dorsey stepped down as CEO.
Zatko depicts Twitter as a chaotic and directionless company plagued by infighting and unable to protect its users. One of the most serious allegations is that the company violated the terms of an 11-year-old settlement with the Federal Trade Commission by falsely claiming that it had a solid and defined security plan.
Here are Zatko’s key claims about Twitter’s operations:
1: Twitter is “decades behind” on security
Zatko claims that in comparison to companies such as Google and Facebook, Twitter is “decades behind” in terms of its internal security systems and protocols. He claims that this was in part due to employees having access to internal systems that they should not be able to access.
Breitbart News previously reported on the case of a teenage hacker who posed as a member of Twitter’s IT department in order to gain employees’ credentials which gave him access to the account of public figures including Joe Biden and Barack Obama. The accounts were used to implement a crypto scam.
2: Twitter allows foreign government agents to access data
Zatko says that the company’s poor security also has national security and geopolitical implications. Zatko claims that Twitter was “complicit in threats to democratic governance.” Zatko claims that the company hired two people that he believed to be Indian government agents.
Twitter’s flawed internal security systems allegedly allowed the agents to have “direct unsupervised access” to internal information. Zatko claims that he has filed a separate disclosure describing this and other instances of major security issues and possible foreign government interference with user data with the Counterintelligence and Export Controls Section within the National Security Division of the Department of Justice and the Senate Select Committee on Intelligence. In one recent case, an employee was convicted of spying for Saudi Arabia.
3: Part-time CEO Jack Dorsey stayed silent on company issues for ‘Days or Week’
Zatko claims that Dorsey attended meetings sporadically and suffered from a “drastic lack of focus” in 2021. Rumors reportedly spread throughout the company of Dorsey remaining “silent for weeks.” Dorsey stepped down as CEO of Twitter in November and remains as CEO of payment company Block (formerly square).
Zatko claims in his whistleblower complaint that while at Twitter he received “little to no actual support for his task of fundamentally changing the risky behaviors of over 8,000 employees and the entire corporate culture.”
4: Twitter CEO Parag Agrawal encouraged Zatko to mislead investors
Zatko claims that his relationship with Parag Agrawal, the new CEO of Twitter, was strained from when Agrawal accepted the position. Zatko became worried that Agrawal was going to use the first board meeting since he accepted the position to downplay Twitter’s security issues.
Zatko wrote to Agrawal in December that there were “numerous and some significant, misrepresentations” in materials he had created for an upcoming presentation, but Agrawal brushed off Zatko’s concerns, and the next day the documents were presented at a high-level Risk Committee meeting.
Zatko called the documents “at worst fraudulent,” and wrote: “I was hired to achieve certain goals and to fix problems here at Twitter. In order to do that, we need to recognize the actual state of affairs at the company.”
5: Twitter purposefully undercounts Spam Bots
Zatko alleges that Twitter has been “lying” about the number of bots on its platform, particularly to Elon Musk who terminated his $44 billion acquisition of the platform. Musk has long claimed that while Twitter alleges that bots account for approximately five percent of its platform, the number is closer to 20 percent.
Zatko alleges that Twitter arrives at its official percentage of bots by only sampling from a subset of accounts known as “monetizable daily active users,” or mDAUs. But that this metric, which was created to give advertisers an idea of how many real humans are looking at their ads, already is designed to exclude bots.
Zatko said that his own attempts to determine the number of bots on the platform were met with a lack of enthusiasm. Zatko states in his disclosure: “In early 2021, as a new executive, Mudge asked the head of Site Integrity (responsible for addressing platform manipulation including spam and botnets) what the underlying spam bot numbers were. Their response was ‘we don’t really know.’”
Zatko further argued that Twitter executives “are not incentivized to accurately detect or report total spam bots on the platform,” as the number of growing mDAUs on the platform directly affects their performance bonuses.
Read more about Zatko’s claims at Breitbart News here.
Lucas Nolan is a reporter for Breitbart News covering issues of free speech and online censorship. Follow him on Twitter @LucasNolan