Twitter (TWTR) is facing many threats following its second quarter. Currently, it is battling Elon Much, following his decision to back out of an agreement for the purchase of the social media platform. However, this news is now widely overshadowed by reports from its former security chief Peiter “Mudge” Zatko came out after he filed a whistleblower complaint about the lack of security on Twitter.
Zatko, who filed in July with the Securities and Exchange Commission, Department of Justice, and Federal Trade Commission, has said that Twitter has worked towards disincentivizing employees from looking at the number of bots using the platform as they try to grow their daily users. The company has so far maintained that the bots make up less than 5% of users, however, Zatko has said that Twitter has no way of knowing the number of bots using their platform.
More importantly, Zatko is also claiming that half of Twitter employees have access to data that could be considered sensitive. He has also noted that Twitter has previously hired representatives of India’s government who got access to data without Twitter’s knowledge.
If Zatko’s claims prove to be true, then there could be a wide range of lawsuits on Twitter’s horizon. There could also be many fines that they would need to pay to regulators, not to mention damages in their advertising if the company proves to not be secure.
According to Erik Gordon, clinical assistant professor at the University of Michigan Ross School of Business, this could be another potential problem for Twitter shareholders to deal with, which has nothing to do with Musk, and everything to do with security laws.
In October, Twitter is set to have a court session to force Musk to buy the company. In the meantime, Musk will need to prove that Twitter provided inaccurate information regarding the number of bots on the platform. Musk has maintained that the lack of information on this means that there could be many more bots, reaching up to 20% of users on the platform.
Zatko is now saying that Twitter doesn’t know how many spam and bots accounts exist and that its employees are not incentivized to find out.
