The firm’s ex-head of security Peiter ‘Mudge’ Zatko says the FBI had told company that there was at least 1 Chinese agent working there
The famed hacker says Twitter was reluctant to turn away from China as the fastest-growing overseas market for ad revenue
September 14, 2022
A Twitter logo is displayed on a mobile phone near a computer screen showing promoted tweets on China. Photo illustration: Reuters
The FBI informed Twitter Inc of at least one Chinese agent working at the company, US Senator Chuck Grassley said during a Senate hearing on Tuesday where a whistle-blower testified, raising new concerns about foreign meddling at the influential social media platform.
Peiter “Mudge” Zatko, a famed hacker who served as Twitter’s head of security until his firing last year, said some Twitter employees were concerned that the Chinese government would be able to collect data on the company’s users.
Twitter has come under fire previously for lax security, most notably in 2020 when teenage hackers seized control of dozens of high-profile accounts, including the verified profile for US President Barack Obama.
On Tuesday, Zatko’s testimony before the Senate Judiciary Committee revealed Twitter’s security issues could be far more serious, alleging for the first time that the company was informed of agents of the Chinese government working at the social media firm.
Twitter whistle-blower Peiter Zatko testifies at a Senate Judiciary hearing examining data security at risk in Washington on Tuesday. Photo: AP
During his testimony, Zatko referenced a Reuters story on Tuesday that detailed internal clashes between some teams that wanted to maximise the advertising revenue opportunity from Chinese advertisers and others who were concerned about doing business inside China amid rising geopolitical tensions.
“This was a big internal conundrum,” Zatko said, adding the company was reluctant to turn away from China as the fastest-growing overseas market for ad revenue. “In a nutshell, if we were already in bed, it would be problematic if we lost that revenue stream,” he said.
Zatko said on Tuesday that in the week before he was fired from Twitter, he learned the FBI told the company an agent of China’s Ministry of State Security, or MSS, the country’s main espionage agency, was on the payroll at Twitter.
It was not immediately clear if the alleged Chinese agent was still working at the company.
A Twitter spokesperson said the hearing “only confirms that Mr Zatko’s allegations are riddled with inconsistencies and inaccuracies”. The spokesperson added that Twitter’s hiring process is independent of foreign influence and access to data is managed through background checks and monitoring and detection systems.
Zatko also said he recalled a conversation with another Twitter executive about concerns that a foreign agent was inside the company. The executive responded “Well, since we already have one, what does it matter if we have more?”
When asked if he believed something good would come from the hearing, Zatko said “I hope so.”
“I’m basically risking my career and reputation. And if something good comes from this five or 10 years down the road, it will have been worth it.”
Grassley noted that Twitter Chief Executive Parag Agrawal refused to appear at the hearing for fear it could jeopardise the company’s litigation against Elon Musk, who is also the CEO of Tesla Inc. Twitter and Musk head to trial next month over whether the billionaire’s US$44 billion takeover deal should be completed.
The senator said in his opening remarks that many of the whistle-blower allegations directly implicated Agrawal, and if the claims were true, “I don’t see how Mr Agrawal can maintain his position at Twitter going forward.”
Later on Tuesday, Twitter will also announce the results of a shareholder vote on Musk’s takeover of the company. Twitter shareholders have approved Musk’s buyout of the company, Twitter said on Tuesday after a virtual special meeting of stockholders.
The San Francisco-based company sued Musk for terminating the agreement, while the Tesla chief executive countersued, accusing Twitter of misrepresenting the number of false and spam accounts on its service. A Delaware judge ruled last week that Musk may include Zatko’s whistle-blower claims in his case against Twitter, but denied his request to delay the trial.
The Senate Judiciary Committee is questioning Zatko over his claims that Twitter misled regulators about its compliance with a 2011 settlement with the Federal Trade Commission over improper handling of user data.
Since then, Twitter has made “little meaningful progress on basic security, integrity and privacy systems”, Zatko’s complaint filed with regulators in July said.
Twitter has said Zatko was fired for “ineffective leadership and poor performance,” and that his allegations appeared designed to harm Twitter.
Zatko’s whistle-blower complaint appeared to contain over two pages of links to supporting documents, such as emails between Zatko and CEO Agrawal and an assessment of misinformation and disinformation on Twitter. The number of documents was limited compared with those provided by Facebook whistle-blower Frances Haugen, who released thousands of pages of internal material.