The disclosure alleges that Twitter is rife with security and privacy vulnerabilities that put users, investors and even US national security at risk, and that Twitter executives have misled its board and regulators about its shortcomings.
Members of the US House Committee on Homeland Security on Thursday sent Twitter CEO Parag Agrawal a letter demanding that he address Zatko’s allegations and explain Twitter’s readiness for the 2022 midterms.
In 2020, hackers tricked Twitter employees into handing over internal access that allowed them to take over the accounts of prominent figures such as former President Barack Obama and then-Presidential candidate Joe Biden.
“Twitter employees were repeatedly found to be intentionally installing spyware on their work computers at the request of external organizations,” the disclosure states.
Twitter’s employees use devices overseen by other IT and security teams with the power to prevent a device from connecting to sensitive internal systems if it is running outdated software, Twitter added.