A Twitter whistleblower testified before Congress on Tuesday, saying he did so at great personal risk to his own career and reputation because he feared Twitter lacked the proper security measures.
Peiter Zatko, who often goes by the nickname Mudge, spoke before the Senate Judiciary Committee and said that the social networking company was more than a decade behind industry security standards.
“The company's cybersecurity failures make it vulnerable to exploitation, causing real harm to real people,” he said. Mr Zatko worked for The Defense Advanced Research Projects Agency (DARPA) and Google before joining Twitter in November 2020 before he left in January 2022.
Mr Zatko submitted a whistleblower complaint after chief executive Parag Agrawal reportedly fired him. His complaint alleges that the company was not honest about data security or efforts to keep data private. Specifically, he alleged that Twitter allowed agents of foreign governments to access data and that it hard poor internal security. Mr Zatko also said that he was fired for raising these concerns.
“And when an influential media platform could be compromised by teenagers, thieves and spies, and the company repeatedly creates security problems on their own, this is a big deal for all of us,” he said.
“When I brought concrete evidence of these fundamental problems to the executive team, and repeatedly sounding the alarm of the real risks associated with them – and these were real problems brought to me by the engineers and employees of the company themselves – the executive team chose instead to board, shareholders, lawmakers and the public instead of addressing them.”
Senator Lindsey Graham of South Carolina asked him if he believed good would come from the testimony.
“I hope so, I’m risking my career and reputation, and if something good comes from this five, 10 years down the road, it will have been worth it,” Mr Zatko said.
