"In an explosive whistleblower complaint obtained by The Washington Post, former Twitter security chief Peiter ‘Mudge’ Zatko alleges the company misled regulators about lax security and spam... Twitter executives deceived federal regulators and the company’s own board of directors about 'extreme, egregious deficiencies' in its defenses against hackers, as well as its meager efforts to fight spam... Among the most serious accusations in the complaint, a copy of which was obtained by The Washington Post, is that Twitter violated the terms of an 11-year-old settlement with the Federal Trade Commission by falsely claiming that it had a solid security plan. Zatko’s complaint alleges he had warned colleagues that half the company’s servers were running out-of-date and vulnerable software and that executives withheld dire facts about the number of breaches and lack of protection for user data, instead presenting directors with rosy charts measuring unimportant changes... The complaint — filed last month with the Securities and Exchange Commission and the Department of Justice, as well as the FTC — says thousands of employees still had wide-ranging and poorly tracked internal access to core company software, a situation that for years had led to embarrassing hacks..." https://www.washingtonpost.com/tech...histleblower-sec-spam/?itid=hp-top-table-main
"Ex-Twitter exec blows the whistle, alleging reckless and negligent cybersecurity policies... The whistleblower also alleges Twitter does not reliably delete users' data after they cancel their accounts, in some cases because the company has lost track of the information, and that it has misled regulators about whether it deletes the data as it is required to do... It also alleges that some of the company’s senior-most executives have been trying to cover up Twitter’s serious vulnerabilities, and that one or more current employees may be working for a foreign intelligence service..." The scathing disclosure, which totals around 200 pages, including supporting exhibits – was sent last month to a number of US government agencies and congressional committees, including the Securities and Exchange Commission, the Federal Trade Commission and the Department of Justice..." https://www.cnn.com/2022/08/23/tech/twitter-whistleblower-peiter-zatko-security/index.html
FYI: Twitter whistle-blower, Peiter “Mudge” Zatko, former Twitter security chief, testifies on security and privacy issues relating to the social media company before the Senate Judiciary Committee. Today - Live - 10:00 AM https://www.c-span.org/video/?522489-1/twitter-whistleblower-testifies-security-issues [Video of the live hearing will also be available after the hearing at the same above link]
