A Twitter whistleblower has told the US Congress the platform ignored his security concerns, in testimony that came as company shareholders greenlit Elon Musk’s $44 billion ($65 billion AUD) takeover deal.
Nearly 99 per cent of the votes cast by stock owners endorsed the agreement with Musk to sell him the tech firm for $54.20 per share, Twitter said in a release.
Twitter added that it was ready to consummate the merger agreement immediately, and no later than September 15 as per a timeline mandated by the agreement.
The shareholder decision clears the way for the contract to close, even as billionaire Musk tries to exit it. Twitter has sued him to force it through.
“I’m here today because Twitter leadership is misleading the public, politicians, regulators and even its own board of directors,” Peiter Zatko, a hacker widely known as “Mudge”, told the hearing.
He said that, during his time as head of security for the platform from late 2020 until his dismissal in January this year, he tried alerting management to grave vulnerabilities to hacking or data theft — but to no avail.
“They don’t know what data they have, where it lives, or where it came from. And so, unsurprisingly, they can’t protect it,” Zatko said during his opening remarks to the Judiciary Committee.
He contended that employees across the company had too much access to user data. Zatko testified that he brought evidence of problems to the executive team and “repeatedly sounded the alarm”.
“To put it bluntly, Twitter leadership ignored its engineers because key parts of leadership lacked competency to understand the scope of the problem,” he said.
“But more importantly, their executive incentives led them to prioritise profits over security.”
Zatko’s attorneys called the hearing a “watershed moment” that he hopes will enlighten the public and contribute to sorely needed legislation aimed at tech platforms.
Twitter has dismissed the 51-year-old’s complaint as being without merit. But revelations of his whistleblower report in the US press in August were perfectly timed for Tesla chief Musk, who has used it as part of his justification for abandoning his unsolicited $44 buyout bid.
In his report, Zatko directly refers to questions asked by Musk about bot accounts on Twitter, saying the company’s tools and teams for finding such accounts are insufficient.
Musk has listed bot accounts as among the reasons to justify his walking away from the deal. Twitter is suing to force him to complete the buyout, with a trial set to go ahead on October 17.
Zatko’s testimony “puts more pressure on Twitter camp ahead of Musk/Twitter trial,” Wedbush analyst Dan Ives told AFP.
“The Twitter shareholders approving this deal was a no-brainer but now the major challenge begins with the Musk trial,” he said.
“The elephant in the room is the Zatko situation which could be an albatross for the Twitter camp and throw this deal off track.” If Twitter prevails at trial, the judge could order the Tesla chief to pay billions of dollars to the company, or even complete the purchase.
Twitter CEO Parag Agrawal declined to testify at Tuesday’s hearing, citing the Musk litigation, Senator Chuck Grassley said.
Zatko insisted he had not made his revelations “out of spite or to harm Twitter.”
“Far from that, I continue to believe in the mission of the company,” he told Tuesday’s hearing.
Musk, himself an avid Twitter user, did not comment immediately on the hearing — but tweeted a popcorn emoji as Zatko spoke, suggesting he was watching the proceedings closely.
“Zatko’s testimony didn’t provide much new information,” said Insider Intelligence analyst Jasmine Enberg.
“There was also almost no mentions of bots, but that doesn’t mean that Musk won’t use Zatko’s allegation that Twitter was disinterested in removing bots to try to bolster his argument for walking away from the deal.”
— with AFP
Originally published as Twitter ex-security chief claims company is ‘misleading the public’ as shareholders back Elon Musk’s buyout