Breaking down the Twitter whistleblower allegations and how it affects the Musk takeover

On Tuesday, The Washington Post published an extensive report about a Twitter whistleblower who alleges that the social media company’s executives have misled, well, just about everyone (but especially federal regulators and Twitter’s own board of directors), about its own security issues. The whistleblower complaint details quite a few alleged serious problems at Twitter, including security issues and a lack of resources to fully address disinformation. Notably, the complaint also mentions Twitter’s spam and bot issues. If you’ve been following along with the Elon Musk Twitter takeover saga, you know that ascertaining the true number of bots on the bird app has been a particular roadblock for Twitter’s acquisition.

In July, the complaint was filed with two agencies, the Securities and Exchange Commission (SEC) and the Federal Trade Commission (FTC), as well as the Department of Justice. And the complaint wasn’t filed by just anybody. The whistleblower was none other than Twitter’s former head of security, Peiter Zatko. Zatko is also a well-respected hacker himself, also known as “Mudge.”

Zatko’s complaint doesn’t just accuse Twitter of misrepresenting its level of security and of being in breach of its settlement with the FTC. The complaint contains lots of alleged security issues and problems at Twitter. Let’s take a look at some of them.

Here are some of the serious security issues alleged in the complaint as reported by The Washington Post:

  • Employee access to core company software resulted in account hacks: Many employees (thousands) “had wide-ranging and poorly tracked internal access to core company software” which led to account hacks. Such account hacks included the Twitter accounts of two former presidents of the United States and Elon Musk.
  • Twitter was reportedly “forced” to hire an Indian government agent and that agent was given “access to user data at a time of intense protests in the country.”
  • Company laptops with security issues: The complaint claims that around 30% of company laptops had automatic software updates blocked and those updates included security fixes. There were also thousands of laptops that contained full copies of Twitter’s source code. This latter issue is particularly concerning because according to interviews conducted by The Washington Post with “current and former employees,” if a hacker had been able to access one of those laptops it would have been possible for them to “sabotage the product with relative ease because the engineers pushed out changes without being forced to test them first in a simulated environment …”
  • The complaint also contained a claim that approximately half of Twitter’s full-time employees had access to its internal software. Such access was described in the Post’s article as “not closely monitored” and apparently included “the ability to tap into sensitive data and alter how the service worked.” That means around half of about 7,000 employees had such access.

And here are some other non-security, yet-still-concerning issues the complaint brought up about Twitter:

  • Feeble response to disinformation: Twitter, like other platforms, struggles with disinformation. But in an effort to address it, Zatko had ordered that an outside report be done which apparently assessed Twitter’s response to disinformation and that report revealed a lack of resources dedicated to fighting the issue. That report found: a disinformation team with unfilled positions, “yawning language deficiencies, and a lack of technical tools or the engineers to craft them.” One quote from The Washington Post report seemed particularly damning: “The authors said Twitter had no effective means of dealing with consistent spreaders of falsehoods.”
  • Data center issues that could have shut down the service: Zatko alerted Twitter’s board that the service itself was at risk of being down for months or losing all of its data due to “overlapping outages in the company’s data centers” which could have caused an inability to restart its servers properly.

You’re probably wondering whether, among the laundry list of allegations against Twitter, there’s anything in Zatko’s whistleblower complaint that could affect Twitter’s current legal fight to force Tesla CEO Elon Musk to honor their prior agreement for Musk to purchase the bird app. The complaint does mention a bit about Twitter’s spam and bot issues (which Musk was famously loudly concerned about), but we don’t know for certain yet how that will shake out in the actual legal proceedings. Here’s what we do know:

These revelations could hurt Twitter’s case against Musk, if proven to be true.

The complaint itself does allege that Zatko tried to find out exactly how common bots and spam were on Twitter as a whole but was ultimately unable to obtain a clear answer. According to The Washington Post, Zatko indicates that (according to a “sensitive source”) “Twitter was afraid to determine that number because it ‘would harm the image and valuation of the company.’”

The complaint is also quoted in the article as saying the following about Twitter and its CEO’s responses to earlier allegations about the bird app’s reported bot percentage estimates:

“‘Agrawal’s Tweets and Twitter’s previous blog posts misleadingly imply that Twitter employs proactive, sophisticated systems to measure and block spam bots,’ the complaint says. ‘The reality: mostly outdated, unmonitored, simple scripts plus overworked, inefficient, understaffed, and reactive human teams.’”

If true, the above revelations about the true number of bots on Twitter (and how they’re counted and blocked) could hurt Twitter’s case against Musk, as Musk cited concerns about the validity of Twitter’s bot percentage estimates among the reasons why he no longer wanted to purchase the company. And if Twitter’s reported bot estimate percentages prove to be inaccurate, that’s a violation of the acquisition deal Musk and Twitter struck, which could mean Musk may not have to go through with the deal after all.

NEW: Musk lawyer Alex Spiro said they want to talk to Twitter whistleblower.

“We have already issued a subpoena for Mr. Zatko, and we found his exit and that of other key employees curious in light of what we have been finding.”

— Donie O'Sullivan (@donie) August 23, 2022

And it looks like Musk’s legal team is already interested in Zatko’s allegations. According to a tweet posted by CNN correspondent Donie O’Sullivan, a lawyer for Elon Musk named Alex Spiro said the following:

“We have already issued a subpoena for Mr. Zatko, and we found his exit and that of other key employees curious in light of what we have been finding.”

Anita George
Anita has been a technology reporter since 2013 and currently writes for the Computing section at Digital Trends. She began…