Zatko spoke to a Senate panel about the platform’s security shortcomings.
This week, after acknowledging the whistleblower complaint he submitted last month, a United States Senate panel is hearing testimony from Peiter “Mudge” Zatko. Zatko, a former hacker and cybersecurity expert, was employed by social media platform Twitter from 2020 to 2022, and has submitted testimony regarding the platform’s many concerning security shortcomings.
According to Zatko’s testimony, Twitter has had severe security vulnerabilities for a long time, and those in control of its operation choose to prioritize monetary pursuits over fixing them. Zatko said that any employee of the company can very easily access large swaths of user data, both public and private. He added that, due to lax security and screening, multiple agents of foreign governments have been employed by Twitter to harvest US data.
“It’s not far-fetched to say that an employee inside the company could take over the accounts of all of the senators in this room,” Zatko told members of the Senate Judiciary Committee.
Zatko added that Twitter’s internal systems are extremely disorganized, and that there is no way to verify whether data that has been deleted is actually gone. “They don’t know what data they have, where it lives or where it came from, and so, unsurprisingly, they can’t protect it,” Zatko said.
"I'm here today because Twitter leadership is misleading the public, lawmakers, regulators and even its own board of directors."
WATCH: Twitter Whistleblower Peiter "Mudge" Zatko complete opening statement. pic.twitter.com/dq6gJCrd3x
— CSPAN (@cspan) September 13, 2022
Zatko cautioned that, if the government wanted to do something about this, it would need more than a fine or settlement. “While I was there, the concern only really was about a significantly higher amount,” Zatko said. “Or if it would have been a more institutional restructuring risk. But that amount would have been of little concern while I was there.”
Twitter, for its part, continues to dismiss Zatko’s statements as inaccurate and inconsistent. “Today’s hearing only confirms that Mr. Zatko’s allegations are riddled with inconsistencies and inaccuracies,” a Twitter spokesperson said.