id=”article-body” class=”row” section=”article-body” data-component=”trackCWV”>
US lawmakers sent a to Twitter about its security policies and procedures on Monday evening, hours before the company’s former head of security about security and privacy problems he says he uncovered while working at the company.
In a letter addressed to Twitter CEO Parag Agrawal, the leaders of the Senate Judiciary Committee wrote that, if true, gary allegations lodged by whistleblower Peiter “Mudge” Zatko “demonstrate an unacceptable disregard for data security that threatens national security and the privacy of Twitter’s users.”
Tuesday has been a notable day for Twitter. In addition to Zatko testifying in Washington, in a preliminary vote count Elon Musk’s bid to acquire the social media company for $44 billion, a deal that Musk is now trying to back out of.
During his testimony on Tuesday, Zatko said he thinks Twitter’s leadership would like to “wave a magic wand” and have all of its issues fixed, “but they’re unwilling to bite the bullet.”
In July, Zatko filed an 84-page with the US Securities and Exchange Commission, Department of Justice and the Federal Trade Commission, alleging alleges his former employer prioritized user growth over privacy and security.
Zatko accused Twitter executives of hiding bad news instead of trying to fix problems he brought to their attention. Twitter appeared to have a high rate of security incidents, some employees had disabled security and software updates on their devices and staff had too much access to user data, Zatko alleged in the complaint. Twitter pushed back against the allegations and said the whistleblower complaint has inconsistencies, inaccuracies and lacks important context.
In their letter ahead of the hearing, Judiciary Committee Chair Dick Durbin of Illinois and the panel’s top Republican, Chuck Grassley of Iowa, questioned Twitter about how it limits employee access to sensitive user data; the company’s procedures for protecting user data from being exposed to foreign intelligence; and claims that Twitter misled regulatory agencies on multiple occasions.
“The disclosure paints a disturbing picture of a company that has fallen short of basic security standards in the technology industry, failed to adequately mitigate attempts by foreign governments to gain access to sensitive user information, and willfully misled government regulators,” the pair wrote.
Twitter didn’t respond to a request for comment Monday, but a spokesperson said Tuesday that access to its data is controlled through processes such as background checks and monitoring and detection system.
“Today’s hearing only confirms that Mr. Zatko’s allegations are riddled with inconsistencies and inaccuracies,” a Twitter spokesperson said Tuesday afternoon.