Peiter Zatko, who was fired as head of security by Twitter earlier this year, may turn out to be Elon Musk’s smoking gun in his A$63.6 billion stout with the social media company.
Zatko, pictured below, is a known ‘ethical hacker’ who was hired by Twitter to overhaul its cybersecurity, following a series of embarrassing hacks of high-profile users, including Barack Obama, Kim Kardashian, and Warren Buffett.
Earlier this year, the company was fined A$217 million, and ordered to install new safeguards after the company was found to have violated a 2011 FTC agreement to protect user data.
Zatko alleged Twitter continues to be a US security risk. In a filing with the federal government, Zatko says Twitter’s failure to protect the data of 238 million Americans, including “government agencies, heads of state and defense officials”, poses a significant national security risk.
Zatko accused Twitter of failing to upgrade its server infrastructure, of losing user data even when accounts are deleted, and allowing low-level workers access to “the company’s most sensitive controls”.
Zatko claims he was fired after bringing up these issues to his bosses.
But of particular interest to Musk is Zatko’s claims that the company is not making efforts to stop the infiltration of automated bot and spam accounts.
In fact, Zatko claims that leadership is incentivised to inflate user numbers, and therefore has a financial reason for underreporting the bot count.
Zatko also appears to back Elon Musk’s claim that the company is not making adequate efforts to crack down on the proliferation of automated “bot” and spam accounts.
“Twitter executives have little or no personal incentive to accurately ‘detect’ or measure the prevalence of spam bots,” read the complaint. “Senior management had no appetite to properly measure the prevalence of bot accounts… they were concerned that if accurate measurements ever became public, it would harm the image and valuation of the company.”
Alex Spiro, an attorney for Musk, told CNN: “We have already issued a subpoena for Mr. Zatko, and we found his exit and that of other key employees curious in light of what we have been finding.”
Twitter has, of course, denied Zatko’s claims.
“Mr. Zatko was fired from his senior executive role at Twitter in January 2022 for ineffective leadership and poor performance,” a Twitter spokesperson said.
“What we’ve seen so far is a false narrative about Twitter and our privacy and data security practices that is riddled with inconsistencies and inaccuracies and lacks important context.
“Mr. Zatko’s allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers and its shareholders. Security and privacy have long been company-wide priorities at Twitter and will continue to be.”
