Peiter “Mudge” Zatko, Twitter’s former head of cybersecurity who has alleged major security vulnerabilities and oversights at the company, testified before the Senate on Tuesday.
The cybersecurity veteran detailed a litany of security concerns in a whistleblower complaint that first became public in August, including that the company suffered a significant breach about once a week in 2020 and that it has had little protections against so-called insider threats, in which a company is vulnerable to its own employees.
In his opening statement, Zatko called Twitter “a decade behind industry security standards.”
“It’s not far-fetched to say that an employee in the company could take over the accounts of all of the senators in this room,” he said.
Most tech companies’ cybersecurity practices are tightly held secrets, so it’s difficult to compare Twitter’s to other tech companies. But in recent years, Twitter has suffered two of the U.S. tech industry’s biggest security incidents. A handful of hackers took over high-profile celebrity accounts in 2020 to urge cybersecurity, causing bedlam on the site for several hours. And last month, a federal jury convicted a former Twitter employee of using his position at the company to feed information to the Saudi royal family.
This is a developing story. Please check back for updates.
Source: | This article originally belongs to Nbcnews.com
