A whistleblower complaint has alleged that twitter misled users and authorities about its security against hackers and spam accounts. The whistleblower is Twitter’s former security chief Peter Zatko. Shares of Twitter dropped sharply on Tuesday after the revelation of an explosive whistleblower complaint alleging the social media company misled federal regulators about its defenses against hackers and spam accounts. The disclosures come from Twitter’s former security chief Peter Zatko, a famed hacker more widely known as Mudge who has testified before congress in the past about the vulnerabilities of the internet.
Zatko said that if someone is looking for computer security then the internet is not the place to be. Zatko had filed an 84 page complaint last month with multiple government agencies alleging Twitter falsely claimed it had a solid security plan and said he had warned his colleagues that half the company’s servers were running on vulnerable software. The complaint which was reported by the Washington post and CNN was also sent to congressional committees. A Twitter spokesperson said on Tuesday that Zatko was fired in January for ineffective leadership and poor performance less than two years after then CEO Jack Dorsey appointed him to the role of spokesperson. The spokesperson also said his complaint was designed to capture attention and inflict harm on Twitter.
The whistleblower complaint comes at a rough time for the social media platform as it’s embroiled in a legal battle with Elon Musk after he said in July that he was ending an agreement to buy the company alleging Twitter had violated the terms of the deal. The world’s richest person has accused Twitter of hiding information about how it calculates the percentage of bots on the service. The whistleblower complaint alleges Twitter prioritized user growth over reducing spam offering executives massive bonuses for increases in daily users and nothing explicitly for cutting spam. CNN reported that Musk’s legal team has subpoenaed Zatko after the whistleblower disclosure was made public.