
Ex-Twitter security head Mudge testifies to Congress after whistleblower report

Twitter ex-security head blows the whistle, claims reckless and negligent cyber policies

Incredible news this week stunned the cybersecurity world. Peiter Zatko, aka Mudge, Twitter’s former head of security, blew the whistle on what he claims are negligent cybersecurity practices at Twitter, ranging from vast internal access to Twitter’s entire source code, to laptops that weren’t patched, servers that weren’t licensed, and fears that Twitter was unable to protect itself from insider threats on January 6. Mudge is no stranger to cybersecurity: his credentials are impeccable and his reputation is pristine. He’s worked in government, spent time at Google, and testified to lawmakers. Yet Twitter claims he’s telling half the story and that he’s a disgruntled ex-employee fired for poor performance, claims that just don’t add up. Plus, some ex-Twitter employees piled on with their own security concerns, adding to Twitter’s headaches. The Washington Post has a great profile of Mudge, and CNN’s coverage has been excellent too. Mudge is expected to testify about his whistleblower complaint to lawmakers later this year, per @b_fung. Don’t expect this to blow over any time soon.


[Update on 18 September 2022] Ex-Twitter security head Mudge testifies to Congress after whistleblower report

In a wild two-hour hearing with lawmakers on the Senate Judiciary Committee on Tuesday, Twitter’s former security lead turned whistleblower testified on a range of topics, mostly about the company’s security (or lack thereof). A few interesting nuggets were disclosed, not least that foreign spies, including from China and India, were (and could still be) on Twitter’s payroll, and that engineers, some half of its staff, had broad access to user and company information. It comes in the same week that The New Yorker reports that Mudge’s friends and colleagues were offered money to dish the dirt on him. Wired also looks at the protections a whistleblower has to take (think more than just Tor and Signal). @ericgeller had a running tweet thread from the testimony. Twitter denied and rebuked many of Mudge’s allegations, but didn’t provide any evidence of its own to the mix, which seems quite short-sighted given the circumstances.

