Senate scrutiny on Twitter heats up after whistleblower complaint
The Senate Judiciary Committee called Twitter whistleblower Peiter Zatko to testify Sept. 13 about his allegations of widespread security failures at the social media company.
Zatko, also known in the hacker community as “Mudge,” served as Twitter’s chief of security until being fired in January. He alleged in a July whistleblower complaint filed with the Securities and Exchange Commission that Twitter employees had poorly controlled access to the company’s systems, a situation that led to high-profile hacks, and that the company ran vulnerable outdated software on its systems.
The whistleblower complaint was first reported by the Washington Post and CNN.
“Mr. Zatko’s allegations of widespread security failures and foreign state actor interference at Twitter raise serious concerns,” wrote Sens. Dick Durbin, D-Ill., and Chuck Grassley, R-Iowa, the Senate Judiciary’s chair and top Republican respectively. “If these claims are accurate, they may show dangerous data privacy and security risks for Twitter users around the world.”
Twitter said in a statement that Zatko was fired for “ineffective leadership and poor performance,” and said his complaint is “riddled with inconsistencies and inaccuracies.”
Zatko’s allegations suggest that Twitter may have violated a 2011 consent decree it reached with the Federal Trade Commission. Twitter in May agreed to pay $150 million to settle allegations by the Justice Department and FTC that the company violated the order when it used users’ telephone numbers and email addresses it collected for account security for marketing without telling users.
The summoning of Zatko from the Senate Judiciary follows calls from members of the Senate for the Federal Trade Commission and Justice Department to investigate the accusations.
“This blithe disregard for user data and FTC settlements cannot stand. I strongly urge the federal government to investigate Zatko’s claims and, if necessary, take strong and swift action against Twitter to ensure Twitter user data is properly protected,” Sen. Edward Markey, D-Mass., wrote Tuesday in a letter to the Justice Department.
European Union watchdogs have also been investigating the complaint, according to TechCrunch.