US: Twitter ex-security chief in Congress, as shareholders back Musk buyout

Zatko explained how he had often alerted the management of grave vulnerabilities to hacking, data theft, and other problems, but to no avail

Photo: Reuters


Published: Wed 14 Sep 2022, 6:48 AM

On Tuesday, Twitter whistleblower Peiter Zatko told the US Congress that the platform ignored his security concerns, in a testimony that came as company shareholders greenlit Elon Musk's $44 billion takeover deal.

Nearly 99 per cent of the votes cast by stock owners endorsed the agreement with Musk to sell him the tech firm for $54.20 per share, Twitter said in a release.

Twitter added that it was ready to consummate the merger agreement immediately, and by no later than September 15, as per a timeline mandated by the agreement.

The shareholder decision clears the way for the contract to close, even as billionaire Musk tries to exit it. Twitter has sued him, in order to force it through.

"I'm here today because Twitter leadership is misleading the public, lawmakers, regulators and even its own board of directors," Zatko — a hacker widely known as "Mudge" — told the hearing.

He said that during his time as head of security for the platform from late 2020 until his dismissal in January this year, he tried alerting the management of grave vulnerabilities to hacking or data theft — but to no avail.

"They don't know what data they have, where it lives, or where it came from. And so, unsurprisingly, they can't protect it," Zatko said, during his opening remarks to the Judiciary Committee.

He contended that employees across the company had too much access to user data.

Zatko testified that he had "repeatedly sounded the alarm" (with evidence of problems) to the executive team.

"To put it bluntly, Twitter leadership ignored its engineers because key parts of leadership lacked competency to understand the scope of the problem," he said.

"More importantly, their executive incentives led them to prioritise profits over security."

Zatko's attorneys called the hearing a "watershed moment" that he hoped would enlighten the public and contribute to sorely needed legislation aimed at tech platforms.

Twitter has dismissed the 51-year-old's complaint as being without merit.

However, revelations of his whistleblower report in the US press in August were perfectly timed for Tesla chief Musk, who has used it as part of his justification for abandoning his unsolicited $44 billion buyout bid.

In his report, Zatko directly refers to questions asked by Musk about bot accounts on Twitter, saying the company's tools and teams for finding such accounts are insufficient.

Musk has listed bot accounts as among the reasons to justify his walking away from the deal. Twitter is suing to force him to complete the buyout, with a trial set to go ahead on October 17.

Zatko's testimony "puts more pressure on [the] Twitter camp ahead of [the] Musk/Twitter trial," Wedbush analyst Dan Ives told AFP.

"The Twitter shareholders approving this deal was a no-brainer, but now the major challenge begins with the Musk trial," Ives added.

"The elephant in the room is the Zatko situation, which could be an albatross for the Twitter camp and throw this deal off track."

If Twitter prevails at the trial, the judge could order the Tesla chief to pay billions of dollars to the company, or even complete the purchase.

Twitter CEO Parag Agrawal declined to testify at Tuesday's hearing, citing the Musk litigation, Senator Chuck Grassley said.


Zatko insisted he had not made his revelations "out of spite or to harm Twitter".

"Far from that, I continue to believe in the mission of the company," he told Tuesday's hearing.

Musk, himself an avid Twitter user, did not comment immediately on the hearing — but tweeted a popcorn emoji as Zatko spoke, suggesting he was watching the proceedings closely.

"Zatko's testimony didn't provide much new information," said Insider Intelligence analyst Jasmine Enberg.

"There was also almost no mention of bots, but that doesn't mean that Musk won't use Zatko's allegation that Twitter was disinterested in removing bots to try to bolster his argument for walking away from the deal," added Enberg.
