Twitter’s sloppiness could spell trouble for its users, shareholders and national security, according to an explosive whistleblower disclosure by former chief information security officer Peiter Zatko. He alleges serious vulnerabilities within Twitter’s internal systems which could allow foreign governments to spy on American citizens or manipulate US politics or markets with ease.
Zatko claims he discovered unauthorized access at Twitter through what’s known as the “Your Twitter Data” (YTD) tool, which allows users to download their account information such as tweets, direct messages (DMs), media files such as photos and videos uploaded to an account, user lists, demographic data gathered about them by Twitter as well as details about advertisements they have seen or interacted with on its platform. YTD became available for all accounts as part of a major revamp of Twitter’s website in 2019.
Zatko asserts that for seven of the accounts that were compromised, hackers also downloaded data using a second internal tool known as “secret view,” which provides users with a comprehensive account overview including direct messages (DMs), media files, user lists and more. Unlike the YTD tool, which is available to all Twitter users, secret views must be requested by entering an account’s email address, re-entering password information and then requesting the file(s).
Zatko’s allegations are both alarming and legally actionable. Twitter signed an FTC consent decree in 2011 outlining specific requirements on how it stores, uses and protects nonpublic consumer data; that agreement remains in effect, but according to these recent developments there may have been breaches.
Zatko’s disclosure has raised serious concerns that Twitter misled investors and government regulators regarding its vulnerabilities. According to him, leadership at Twitter–particularly new CEO Parag Agrawal–attempted to discredit him and discourage him from sharing an accurate accounting of security vulnerabilities at Twitter.
Zatko’s disclosure comes amid mounting anxiety in Washington over the ability of foreign adversaries to use social media platforms like Twitter to spy on Americans, influence American politics and markets, steal technology or trade secrets or influence elections, with one former Twitter employee recently charged with spying for Saudi Arabia. A conviction against one such actor underscores this threat.
On Wednesday, Lina Khan of the Federal Trade Commission will appear before a House panel chaired by Republicans who have harshly criticized her leadership of the agency. At this hearing, Twitter will be under close scrutiny to determine whether it has enough staffing to comply with its privacy settlement agreements with the FTC. Other items on Khan’s agenda include the antitrust review of Tesla CEO Elon Musk’s $44 billion acquisition of social media platform Twitter, and litigation with San Diego-based gene sequencing company Illumina over an FTC order blocking its merger with Grail, a merger that would limit competition in the market for cancer tests. The hearing, on July 13th, marks Khan’s first appearance before a Republican-controlled Congress.