Pater “Maj” Zatko, Twitter’s former head of security, says management ignored concerns he raised about user data security – Copyright AFP BEN STANSALL
Twitter whistleblower Peter Zatko told the US Congress on Tuesday that the platform ignored his security concerns as its shareholders decide whether to approve a $44 billion takeover deal that Elon Musk is trying to get out of.
“I’m here today because Twitter’s leadership is misleading the public, legislators, regulators, and even its own board of directors,” Zatko, commonly known as “Maj,” Twitter’s former chief of security, told the hearing.
He said that during his tenure as the platform’s head of security from late 2020 until his dismissal in January of this year, he unsuccessfully tried to alert management to serious vulnerabilities to hack or data theft.
“They don’t know what data they have, where they live and where they come from. And therefore, it is not surprising that they cannot protect him,” Zatko said in his opening remarks before the Judicial Committee.
“Then employees should have too much access (…) it doesn’t matter who has the keys if you don’t have locks on the doors.”
Zatko testified that he delivered concrete evidence of problems to management and “repeatedly sounded the alarm.”
“To put it simply, Twitter management was ignoring its engineers because key parts of management were not qualified to understand the scale of the problem,” he said.
“But more importantly, their executive incentives led them to prioritize profit over safety.”
Twitter dismissed the 51-year-old Zatko’s complaint as unfounded.
But the debunking of his whistleblower report to the American press in August came in handy for Tesla CEO Elon Musk, who used it as part of his justification for dropping his unsolicited $44 billion bid to buy Twitter.
In his report, Zatko directly refers to Musk’s questions about bot accounts on Twitter, saying that the company’s tools and teams are not enough to find such accounts.
Musk cited bot accounts as one of the reasons he justified pulling out of the deal. Twitter is suing to force it to complete the buyout, and the trial will take place on October 17th.
If the court focuses on the fact that the world’s richest man refused to collect the facts normally associated with large-scale mergers, Zatko’s charges could prove moot.
“Once both parties enter court, it will be a high-risk, high-reward scenario for both parties, with the main variable X now being whistleblower Zatko claims,” Wedbush analyst Dan Ives said in a note to investors.
“We continue to view the Zatko situation as a Pandora’s box for Twitter.”
If Twitter wins in court, the judge could order Tesla’s CEO to pay the company billions of dollars or even complete the purchase.
Twitter shareholders are expected to approve the buyout deal in a special vote on Tuesday.
Twitter CEO Parag Agrawal refused to testify at Tuesday’s hearing, citing a lawsuit against Musk, Senator Chuck Grassley said.
Zatko insisted that he did not make his revelations “to spite or harm Twitter.”
“Far from it, I continue to believe in the mission of the company,” he said at a hearing on Tuesday.