Twitter’s Former Security Chief Accuses It of Hazardous Practices and Flimsy Security

A former Twitter Inc (NYSE:TWTR) executive has come forward with allegations of reckless and negligent cybersecurity policies at Twitter.

The former Twitter executive told CNN that the social media giant is well aware of the true extent of its bot problem.

According to Peiter “Mudge” Zatko, Twitter executives have long been aware that their platform is teeming with bots, but they have failed to take adequate steps to address the issue. Instead, he said Twitter has been more concerned with maintaining its public image and avoiding bad PR than with ensuring the safety and security of its users.


This alleged negligence has reportedly led to several serious security breaches, and Zatko claims hackers can access the personal data of millions of Twitter users.

What Caused Zatko To Blow The Whistle?

Zatko was responsible for security at Twitter until he was fired in January for what the company claims was poor performance.

Zatko's whistleblowing comes after years of attempting to flag security issues with Twitter and help it fix what he saw as technical shortcomings. He said he also tried talking directly with the company, but claims executives ignored his warnings about how much information was being leaked. Zatko accuses them of non-compliance with the Federal Trade Commission’s privacy agreement policy.

Was Elon Musk Behind This?

Zatko stated that he had not been in contact with Tesla Inc (NASDAQ:TSLA) CEO Elon Musk and had begun the whistleblowing process before Musk got involved with Twitter. However, Elon Musk's attorney, Alex Spiro, did say that he has subpoenaed Zatko. Spiro believes Zatko’s findings will be crucial for Musk’s case about Twitter being overloaded with bots.

More Claims From Zatko

According to Zatko, the company's servers are running outdated software that lacks security features, which could allow hackers easy access to the customer data stored on them.

He alleges that Twitter has been aware of the cybersecurity challenges employees face for some time. Still, Zatko says it lacks a way to hold them accountable because management cannot monitor what happens on individual work computers. According to Zatko, internal reports estimate that four out of five devices do not meet basic standards.

Twitter has denied Zatko's claims, saying that it takes user security "very seriously." The company has also said it is "constantly improving" its security measures.