You know things are going to reverberate when a past security chief accuses Twitter (TWTR) of "extreme, egregious deficiencies."
On Tuesday morning, a joint report from the Washington Post and CNN published new allegations that Peiter "Mudge" Zatko made against the company to Congress.
Zatko, who led security at Twitter between 2020 and 2022 before getting terminated for what the company then described as poor performance and leadership, said that Twitter violated a number of laws regarding everything from data privacy to shareholder communication dating as far back as 2011.
In a complaint to the Securities and Exchange Commission, Justice Department and Federal Trade Commission filed on July 6, Zatko said that the company violated past agreements with the FTC to protect users' personal information, did not protect users from foreign government agents access to user information and fails to delete user data once people leave the site.
When a Musk/Twitter Trial Looms, Timing Is Everything
While the entire complaint has over 200 pages, another important element is the allegation that Twitter misleads both the public and shareholders into believing that only 5% of the users on its site are bots.
Zatko, who was a prominent cybersecurity expert and hacker before going on to work at Google (GOOGL) and Twitter, further said that executives were disincentivized from counting bots in order to not change that 5% figure.
Executive bonuses were allegedly determined based on efforts to sign up new users but not fight fake ones.
After news of Zatko's complaints were made public on Tuesday, Twitter shares fell by more than 4%. But while security risks are always a concern, the timing of the revelations is critical given that Elon Musk is currently going head-to-head over failed plans to purchase Twitter for $44 billion.
Musk withdrew his offer in July after claiming that the company had too many spam accounts while its executives refused to give proper information for him to evaluate the situation.
Twitter then moved to sue Musk for reneging on the deal and throwing the company into tumult; a trial date has been set for October 17.
Will Peiter Zatko Prove Pivotal in the Musk-Twitter Lawsuit?
Zatko's claims that Twitter is "lying about bots" is very strong ammunition for Musk, and his legal team did not wait long to file a subpoena.
Whether by repeating these claims or making new revelations, Zatko's testimony could prove crucial to determining whether Musk had a right to terminate the deal.
Many of Zatko's claims, such as the one that Twitter made “serious" data security lapses “allowed hackers to obtain unauthorized administrative control of Twitter" are similar to what Musk has been saying about the company.
The Tesla (TSLA) founder previously claimed that as many as 20% of Twitter users can be spam or other fake bots.
"We have already issued a subpoena for Mr. Zatko, and we found his exit and that of other key employees curious in light of what we have been finding," Alex Spiro, the trial lawyer representing Musk, told CNN.
Twitter CEO Parag Agrawal, meanwhile, has called Zatko's claims a "false narrative [...] riddled with inconsistencies and inaccuracies."
"We will pursue all paths to defend our integrity as a company and set the record straight," Agrawal wrote in a letter to Twitter employees late on Tuesday morning.