Twitter did not care if they employed foreign spies from China or India, a former Twitter whistle-blower testified before Congress on Tuesday, adding that one Twitter executive suggested it did not “matter.”
During a Senate Judiciary Committee hearing, whistle-blower Peiter “Mudge” Zatko told lawmakers that at least one Twitter executive suggested having spies on the company’s payroll doesn’t “matter” and that “growing the office” was more important than taking action against foreign actors.
“I’m reminded of one conversation with an executive when I said, ‘I am confident that we have a foreign agent,’ and their response was, ‘Well, since we already have one, what does it matter if we have more? Let’s keep growing the office,’” Zatko said, as reported by Forbes.
In August, Zatko sent a whistle-blower complaint to the Justice Department and Securities and Exchange Commission (SEC) claiming that a spy from the Indian government worked for Twitter between November 2020 and January 2022. The complaint also noted that a suspected Chinese agent was working at the company.
Earlier this year, the Justice Department sentenced a Saudi Arabian national working at Twitter over spying on dissidents through the social media giant’s app.
According to an internal letter, Twitter CEO Parag Agrawal rejected Zatko’s claims as a “false narrative riddled with inconsistencies and inaccuracies and presented without important context.”
Senator Ron Wyden told Forbes he was “deeply troubled” by the allegations that Twitter is allowing foreign spies to access Americans’ personal data, adding that “If thousands of Twitter employees have access to private conversations, there’s no guarantee of security unless it’s baked into the design.”
Twitter hired Zatko, a security expert, after the social media platform fell victim to a cyberattack in 2020. Zatko said he witnessed Twitter fail multiple times on security-related issues, adding that executives “prioritize profits over security.”
Zatko said he believed Twitter was “misleading the public lawmakers, regulators and even its own board of directors” about its ability to protect users’ private information.
“It’s not far-fetched to say that an employee inside the company could take over the accounts of all of the senators in this room,” Zatko said.