The Washington PostDemocracy Dies in Darkness

Twitter whistleblower says security holes cause ‘real harm to real people’

On Sept. 13, Peiter Zatko testified before a Senate committee that Twitter executives misled the public about the failed state of its data security practices. (Video: The Washington Post)
7 min

A Twitter whistleblower on Tuesday testified before Congress that the company’s failure to secure sensitive data causes “real harm to real people,” prompting senators to grapple with Washington’s inability to effectively regulate major social networks.

Peiter “Mudge” Zatko’s Senate testimony — which expanded on an 84-page complaint shared with regulators and The Washington Post this summer — said that Twitter executives misled the public, regulators and the company’s own board about its systemically broken defenses against hackers.

He described an executive team that was financially incentivized to ignore root problems, such as employees having too much access to data. Because the company wasn’t properly tracking data access, he claimed, it was impossible for the company to respond to critical national security risks — including access gained by potential foreign agents on its payroll.