Zatko to Congress: Twitter’s security failures threaten national security and compromise the privacy and security of users
WASHINGTON – The Senate Judiciary Committee released prepared testimony from Twitter whistleblower Peiter “Mudge” Zatko during today’s hearing entitled “Data Security at Risk: Testimony from a Twitter Whistleblower.” Zatko, a data security expert and former head of security at Twitter, recently blew the whistle on alleged data security failures, foreign infiltration, and misrepresentations to regulatory agencies by Twitter.
Key quotes as prepared:
“[I] am here today because I believe that Twitter’s unsafe handling of the data of its users and its inability or unwillingness to truthfully represent issues to its board of directors and regulators have created real risk to tens of millions of Americans, the American democratic process, and America’s national security. Further, I believe that Twitter’s willingness to purposely mislead regulatory agencies violates Twitter’s legal obligations and cannot be ethically condoned.”
“Given the potential harm to the public of Twitter’s unwillingness to address problems I reported and Twitter’s continued efforts to cover up those problems, I determined lawful disclosure was necessary despite the personal and professional risk to me and my family of becoming a whistleblower.”
“Upon joining Twitter, I discovered that the Company had 10 years of overdue critical security issues, and it was not making meaningful progress on them… Staying true to my ethical disclosure philosophy, I repeatedly disclosed those security failures to the highest levels of the Company. It was only after my reports went unheeded that I submitted my disclosures to government agencies and regulators.”
“Twitter’s security failures threaten national security, compromise the privacy and security of users, and at times threaten the very continued existence of the Company… despite these grave threats, Twitter leadership has refused to make the tough but necessary changes to create a secure platform. Instead, Twitter leadership has repeatedly covered up its security failures by duping regulators and lying to users and investors.”
Full text of Peiter “Mudge” Zatko’s prepared remarks are available here.