August 23 (Reuters) – Twitter Inc (TWTR.N) Peiter Zatko, the social media company’s former security chief, said in a whistleblower complaint that it misled federal regulators about its defenses against hackers and spam accounts.
In the 84-page complaint, notorious hacker Zatko, known as “Mudgeer,” falsely claimed that Twitter had a robust security plan, according to documents turned over to congressional investigators. Shares of Twitter fell 7.3% to $39.86.
The document claims that Twitter prioritizes user growth over spam reduction, that executives are entitled to up to $10 million in individual bonuses for daily user growth, and that there is clearly nothing to curb spam.
Sign up now for FREE unlimited access to Reuters.com
Twitter called the complaint a “false story.” The social media company is battling Elon Musk in court after the world’s richest man tried to back out of a $44 billion deal to buy Twitter. Musk said he did not provide details on the proliferation of bots and spam accounts.
Tesla Inc (TSLA.O) Chief executive Musk has offered to buy Twitter for $54.20 a share, saying he believes it can be a global platform for free speech.
Twitter and Musk sued each other, with Twitter asking Musk to enjoin the deal in the Delaware Court of Chancery. The trial is set for October. 17.
Zatko filed the complaint last month with the US Securities and Exchange Commission and the Department of Justice, as well as the Federal Trade Commission (FTC). The complaint was also sent to congressional committees.
“We are reviewing the redacted claims that have been published, but what we have seen so far is a false story full of inconsistencies and inaccuracies,” Twitter CEO Parag Agrawal said in a memo to employees.
Chuck Grassley, the top Republican on the Judiciary Committee, said the complaint raises serious national security and privacy concerns and should be investigated.
“Take a technology platform that collects massive amounts of user data, combine it with an incredibly weak security infrastructure and bring it up against foreign state actors and you have a recipe for disaster,” he said. .
The FTC declined to comment. A spokesman for the Senate Intelligence Committee said it had received the complaint and was holding a meeting to discuss the claim.
The Twitter logo is seen outside the company’s headquarters in San Francisco, California, U.S., April 25, 2022. REUTERS/Carlos Barria/File Photo
Howard Fischer, a partner at Moses & Singer and a former SEC attorney, said Twitter’s real regulatory risk is whether documentary evidence shows “intentional or reckless misrepresentation” of investors or regulators.
‘GIVE A WHISTLE’
Musk could not be reached for comment, but reacted with robot memes and emojis on Twitter. Musk’s legal team has subpoenaed Zatko.
American hackers have admired Zatko since the 1990s, when he invented a tool to crack passwords. He later used hacking techniques to become a sought-after security consultant and rise to high government and board positions with other renegade technicians of the era.
The information document says that after January. 6 The incoming Biden administration offered him “a designated day position as Chief Information Security Officer in the United States,” which he declined.
Cybersecurity leaders expressed widespread support for Zatko, and many lamented Twitter’s reaction to his revelations.
Robert Lee, founder of industrial cybersecurity company Dragos, “is one of those rare cases because of who he is,” he said on his Twitter account. “If Mudge is making such a claim, it deserves an investigation.”
Twitter in January he said Zatko was no longer his security chief two years after his appointment.
On Tuesday, a Twitter spokesperson said Zatko was fired for “ineffective leadership and poor performance” and said his allegations were designed to attract attention and harm Twitter, its customers and shareholders.
Zatko’s attorneys, Debra Katz and Alexis Ronicker, said in a statement that during his tenure at Twitter, he repeatedly raised concerns about inadequate information security systems with the company’s executive committee, CEO and board of directors. Twitter did not respond to a request for comment on the announcement.
(This story corrects the closing price and removes the extraneous percent symbol in the second paragraph)
Sign up now for FREE unlimited access to Reuters.com
Reporting by Chavi Mehta, Ankur Banerjee and Tiyashi Datta in Bengaluru, Peter Henderson in Oakland and Raphael Satter in Washington; Additional reporting by Rick Cowan in Washington; Written by Ankur Banerjee; Edited by Kenneth Lee, Saumyadeb Chakrabarty, Sriraj Kalluvila, and David Gregorio
Our standards: Thomson Reuters Trust Principles.
