Peter Zatko, the former head of security and the Twitter hacker, said the company's lack of internal security controls was such that it was unable to detect foreign intelligence agents who had infiltrated the company, according to a report by The Verge.
Zatko made the allegations in testimony he gave before the Senate Judiciary Committee on Tuesday, at a hearing on Twitter's data security practices.
Opening questions from Senators Dick Durbin (D-Illinois) and Chuck Grassley (R-Iowa) included allegations that Twitter faced numerous internal threats, including the presence of Indian government employees on the company's staff.
Zatko said the Indian government was not the only foreign government with clients within the company.
Zatko added that at least one Chinese spy was hired by Twitter, but it is not possible to know the full extent to which the company was hacked.
"We simply lack the ability to track down foreign intelligence agents and drive them out ourselves," Zatko added.
Zatko also reiterated the allegations in his disclosure to the US Securities and Exchange Commission, claiming that the inability to access the login list in the company's internal systems meant it was virtually impossible to know what data any particular employee had viewed.
Zatko told the hearing that there were "thousands" of attempts to access unauthorized data within the company each week, but that it was impossible to pinpoint them accurately.
The Judiciary Committee hearing was the first time Zatko has appeared in public since his disclosure of serious wrongdoing was filed with the Securities and Exchange Commission in July and reported by CNN and the Washington Post in August. last August.
Besides infiltration by representatives of foreign intelligence services, Zatko claimed numerous security holes within Twitter, including unclear access controls that gave about half of Twitter's 10,000 employees the ability to learn sensitive user data.
After a few weeks of relative calm, the new details presented to the session will undoubtedly put Zatko back in the spotlight.
While the information was revealed, Elon Musk's lawyers sought to subpoena Zatko to provide evidence in the ongoing lawsuit that Musk would have to buy Twitter or be allowed to back out of the deal.
But a new report from The New Yorker, published on the day of the Judiciary Committee hearing, quotes several of Zatko's friends and former colleagues as saying they were paid large sums of money to participate in "interviews" about Zatko's personality and work ethic. and driving style.
Despite his personal discomfort with the company, Zatko told the Judiciary Committee that he was willing to "do everything possible" to improve security at Twitter and in the industry as a whole.
Tags:
technology