Peiter Zatko, Twitter’s chief security officer until he was fired earlier this year, filed the complaints last month with the US Securities and Exchange Commission, the Federal Trade Commission and the Justice Department.
The chargethat obtained the complaint, reported that among the most serious allegations is that Twitter violated the terms of an FTC settlement by falsely claiming that it had a robust security plan.
Shares of Twitter Inc. fell 4 percent on Tuesday.
Zatko did not immediately respond to a request for comment Tuesday, but said The charge he “felt ethically obligated” to come forward.
Zatko, better known as Mudge, is a highly respected cybersecurity expert who first rose to prominence in the 1990s and later worked in high-level positions at the Pentagon’s Defense Advanced Research Agency and at Google. He joined Twitter at the urging of then CEO Jack Dorsey in late 2020.
Twitter said in a prepared statement Tuesday that Zatko was fired for “ineffective leadership and poor performance” and that the “accusations and opportunistic timing appear to be designed to attract attention and inflict harm on Twitter, its customers and shareholders.”
“What we have seen so far is a false narrative about Twitter and our privacy and data security practices that is riddled with inconsistencies and inaccuracies and lacks important context,” the company said.
A spokeswoman for the US Senate intelligence committee, Rachel Cohen, said the committee received the complaint and “is in the process of setting up a meeting to discuss the allegations in more detail. We take this matter seriously.”
Senator Dick Durbin, D-Illinois, said in a prepared statement that if the claims are accurate, they “may show dangerous security and data privacy risks to Twitter users around the world.”
Among the most alarming complaints is Zatko’s allegation that Twitter knowingly allowed the Indian government to place its agents on the company’s payroll where they had “direct, unsupervised access to company systems and user data.” .
A 2011 FTC complaint noted that Twitter’s systems were filled with highly sensitive data that could allow a hostile government to find precise geo-location data for a specific user or group and target them for violence or arrest. Earlier this month, a former Twitter employee was found guilty after a trial in California of passing sensitive Twitter user data to members of the royal family in Saudi Arabia in exchange for bribes.
The complaint said that Twitter also relied heavily on funding from Chinese entities and that there were concerns within Twitter that the company was providing information to those entities that would allow them to learn the identity and sensitive information of Chinese users using Twitter. in secret, which is officially prohibited in China.
Zatko also describes the “deliberate ignorance” of Twitter executives in counting the millions of accounts that are either automated “spam bots” or have no value to advertisers because there is no person behind them.
Alex Spiro, a lawyer representing Musk in his effort to back out of the deal to buy Twitter, said the lawyers issued a subpoena for Zatko. “We found his departure and that of other key employees curious in light of what we have been finding,” Spiro wrote in an email Tuesday.