Former Twitter executive-turned-whistleblower Peiter Zatko dropped the hammer on his former company during a Senate testimony on Tuesday.
During a wide-ranging hearing before the Senate Judiciary Committee that lasted more than two hours, Zatko told lawmakers about a breadth of concerns he has about the Big Tech giant.
Among several revelations, Zatko revealed that engineers have access to the plethora of data that Twitter collects from users.
In a whistleblower account last month, Zatko alleged that Twitter lacks sufficient cybersecurity safeguards and claimed that executives misled board members about potential vulnerabilities that left the platform open to hacking, foreign manipulation, and spying, Slay News reported.
During his Tuesday testimony before the Senate, Zatko said that Twitter collects user phone numbers, current and past email addresses, current and past IP addresses, and the web browser from which the user connects, among other data.
He also warned that the data is accessible by every engineer at the firm due to their access to internal production systems.
“If they wanted to root around in the data and find it, they could, and some have,” Zatko told lawmakers, according to a report from CNN.
Zatko also claimed in his whistleblower report that one or more current Twitter employees are working for a foreign intelligence agency.
He explained during his testimony that Twitter’s executives were “unwilling to put the effort in” to root out the individual.
According to Zatko, one executive allegedly told him: “Well, since we already have one, what is the problem if we have more?
“Let’s keep growing the office.”
Lawmakers are currently debating a piece of legislation called the American Data Privacy and Protection Act, which would adopt a “data minimization” approach to the collection of user information.
It would limit access to only the data “reasonably necessary and proportionate” to specific applications.
This includes user authentication and fraud prevention.
The bill, however, has a carveout for entities gathering user data for government purposes.
Zatko’s testimony also comes as Tesla and SpaceX CEO Elon Musk attempts to cancel a deal that would require him to purchase Twitter at a valuation of $44 billion.
Musk recently asserted that the true number of fake accounts on the platform could be as high as 33% rather than the company’s reported 5%.
With a lower number of monetizable daily active users, a lower valuation of the company would potentially be justified.
In his whistleblower report, Zatko claimed that Twitter executives lacked the resources or motivation necessary to determine the true number of fake accounts on the platform.
Last week, Delaware Chancery Court Chancellor Kathaleen McCormick granted attorneys representing Musk permission to use Zatko’s testimony in their case.
A trial to determine the status of the acquisition deal is scheduled for October 17.
While Zatko’s testimony was broadcasted live on Tuesday morning, Musk tweeted an emoji of movie theater popcorn, apparently indicating that he was enjoying the direction of the proceedings.
Nevertheless, Zatko testified that he only took the “personal and professional risk” of issuing a whistleblower report because he deemed the action “necessary” in light of dangers posed to individual users and national security.
“I did not make my whistleblower disclosures out of spite or to harm Twitter; far from that,” he explained.
“I continue to believe in the mission of the company and root for its success.
“But that success can only happen if the privacy and security of Twitter’s users and the public are protected.”
Sen. Josh Hawley (R-MO) responded to today’s hearing by saying Zatko’s testimony showed the extent to which Twitter may be vulnerable to foreign exploitation.
Zatko’s testimony was “really significant,” Hawley told CNN.
Some of Zatko’s most concerning allegations, Hawley said, were that Twitter’s now-CEO, Parag Agrawal, had proposed making concessions to Russia’s government and that Twitter may be providing Chinese entities with information that could be used to unmask people within China who may be illegally accessing Twitter, Hawley said.
There is also no reason to believe Twitter has meaningfully addressed a US government tip about a Chinese intelligence agent on Twitter’s payroll, another of Zatko’s explosive allegations, Hawley said.
“Nothing [Zatko] said today allays concerns on that score,” Hawley warned.