Twitter whistleblower Peter “Maj” Zatko alleged on Tuesday that the microblogging platform had knowingly allowed India to add agents to the company’s roster that provided the country with access to sensitive data about users on the platform, while “at least one agent” was from China’s intelligence service. The company had worked. In his testimony before a US Senate committee, Zatko claimed that Twitter was putting its users’ privacy at risk, that the company’s leadership neglected its engineers, while its executive incentives made them prioritize profits over security. Twitter responded to the claims that its hiring process is “independent of any foreign influence” and that access to data is managed through a number of measures.
According to a Report According to the Associated Press, Twitter’s former security chief Peter Zatko said in his testimony that the company knowingly allowed the Indian and Chinese governments to place its agents on the company’s payroll. According to Zatco, agents may have accessed company systems and user data. A Twitter whistleblower has said weak cyber defenses have left the social platform vulnerable to exploitation by “teenagers, thieves and spies”, putting users’ privacy at risk.
Zatko, appearing before the Senate Judiciary Committee, alleged that the company neglected its engineers because their “executive incentives made them prioritize profit over safety.” Zatko said Twitter’s security systems are outdated and that it runs vulnerable software on more than half of its data center servers.
He cited Twitter’s negligence in dealing with governments trying to spy on the microblogging service. He added that Twitter’s inability to track how employees accessed user accounts made it difficult for the platform to detect potential misuse of data access on the service.
According to the report, Zatko, who was Twitter’s security chief until he was fired earlier this year, said he spoke with “high confidence” about a foreign agent the Indian government placed on Twitter to “understand the negotiations” in India. The ruling party and Twitter about the new social media restrictions and how well those negotiations are going.
The whistleblower also revealed that he was told a week before his firing that “at least one agent” from the Chinese Ministry of State Security (MSS) was “on the payroll” of Twitter.
Meanwhile, Zatco has accused his former employer of cybersecurity negligence for failing to address “fundamental systemic failures” recommended by engineers. Zatko accused Twitter CEO Parag Agarwal and other senior executives and board members of numerous violations, including “making false and misleading statements about Twitter’s security to users and the FTC.”
Twitter reportedly denied Zatko’s claims, describing his events as “a bogus account … filled with inconsistencies and inaccuracies” and lacking important context. In a statement to The Associated Press, the microblogging platform said its recruitment process is “independent of any foreign influence” and that access to data is managed through a number of measures, including background checks, access controls and monitoring and discovery systems and procedures.
