Twitter's former security chief stated to Congress on Tuesday that the company had "at least one agent" from China's intelligence service on its payroll and that the company knowingly allowed India to add agents to the company roster as well, potentially giving those nations access to sensitive user data.
These were some of the disturbing revelations made by Peiter "Mudge" Zatko, a well-known cybersecurity expert and Twitter whistleblower who testified before the Senate Judiciary Committee about his allegations against the company.
Zatko told lawmakers that the social media platform has weak cyber defences, making it vulnerable to exploitation by "teenagers, thieves, and spies" and risking its users' privacy.
“I am here today because Twitter leadership is misleading the public, lawmakers, regulators and even its own board of directors,” Zatko began his sworn testimony.
“They don’t know what data they have, where it lives and where it came from and so, unsurprisingly, they can’t protect it,” Zatko explained. “It doesn’t matter who has keys if there are no locks.” "Twitter leadership ignored its engineers," he claimed, citing “their executive incentives led them to prioritize profit over security.”
Twitter stated in a statement that its hiring process is "independent of any foreign influence," and data access is managed through a variety of measures. Background checks, access controls, and monitoring and detection systems and processes are all included.
The question of whether Twitter accurately counts its active users, an important metric for its advertisers, was not raised during the hearing. Tesla CEO Elon Musk, who is attempting to back out of a $44 billion deal to buy Twitter, has claimed without evidence that many of the site's 238 million daily users are fake or malicious accounts known as "spam bots."