This story is part of CNN Business’ Nightcap newsletter.
On Tuesday morning, my CNN Business colleagues published an explosive report detailing a whistleblower’s accusations of “egregious deficiencies” in Twitter’s security protocols, as well as accusations the company misled its own board and US regulators about its vulnerabilities.
The whistleblower is Twitter’s former head of security, Peiter “Mudge” Zatko, a respected cybersecurity expert.
Zatko claims Twitter is full of critical security flaws, has misled the public about its spam account problem and may currently have foreign intelligence agents on the payroll, among other problems.
There is a lot to unpack in this story, but here are a few highlights:
- Chaos and mismanagement: Zatko’s disclosure paints a picture of a reckless environment at a company that allows too many of its staff access to the platform’s central controls and sensitive information.
- Attempted cover-up: His report also alleges that some of the company’s senior-most executives misled its own board and government regulators about the security vulnerabilities, including some that could allegedly open the door to foreign spying or manipulation, hacking and disinformation campaigns.
- A possible spy on the inside: The disclosure claims the US government provided evidence to Twitter shortly before Zatko’s firing that at least one of its employees, perhaps more, was working for another government’s intelligence service. The disclosure does not say whether Twitter acted on the tip, or whether the tip was credible.
- Overall: Zatko describes his findings thusly: “egregious deficiencies, negligence, willful ignorance, and threats to national security and democracy.”
WHO IS ZATKO?
Zatko is a highly respected cybersecurity insider with experience in senior roles at Google, Stripe and the Defense Department. He was hired at Twitter by former CEO Jack Dorsey following the 2020 hack of Twitter accounts belonging to public figures including Joe Biden, Barack Obama, Kim Kardashian and Elon Musk.
Twitter fired Zatko, a senior executive who reported directly to the CEO, in January for what the company claims was poor performance. Zatko believes his firing was in retaliation for sounding the alarm about the company’s security problems.
CNN sought comment from Twitter on more than 50 specific questions regarding the disclosure.
“Mr. Zatko was fired from his senior executive role at Twitter in January 2022 for ineffective leadership and poor performance,” a Twitter spokesperson said. “What we’ve s