“It doesn’t matter who has keys if you don’t have any locks on the doors. It’s not far-fetched to say an employee inside the company could take over the accounts of all the senators in this room,” Zatko said during at one point during his nearly two-and-a-half hour testimony. During his interview, he also explained that Twitter’s estimated 4,000 engineers have consistent access to private user data such as phone numbers and IP addresses. As such, they are in prime positions for infiltration from bad actors and hostile foreign governments Zatko, a former Department of Defense employee, also alleges that Twitter’s top executives are well aware of these numerous security issues, but are slow to deal with any of them. Instead, he claims that they purportedly mislead the public, Congress, federal regulators, and even members of its board of directors. “They don’t know what data they have, where it lives, and where it came from, and so, unsurprisingly, they can’t protect it,” said Zatko. Zatko argues that Twitter’s issues largely stem from being so far behind in cybersecurity, and a failure to properly update and maintain the systems required to protect its own data. “This fundamental lack of logging inside Twitter is a remnant of being so far behind on their infrastructure, the engineering, and the engineers not being given the ability to put things in place to modernize,” he explained. The latest whistleblower complaints come as Twitter faces increasing pressure from lawmakers and regulators over numerous issues ranging from security, to curbing misinformation, to even how it keeps track of the countless bots plaguing the platform. Elon Musk made headlines earlier this year after announcing his intentions to buy the company outright, but quickly reneged citing those aforementioned bot issues. Although critics argue his reasoning for dropping the deal doesn’t hold up to much scrutiny, these and other ensuing battles all but ensures Twitter has a long legal road ahead of it.
