Lawmakers Press Twitter on Security Ahead of Whistleblower Testimony – CNET

US lawmakers sent a list of questions to Twitter about its security policies and procedures on Monday evening, hours before the company’s former head of security is scheduled to testify before a Senate panel about security and privacy problems he says he uncovered while working at the company.

In a letter addressed to Twitter CEO Parag Agrawal, the leaders of the Senate Judiciary Committee wrote that, if true, allegations lodged by whistleblower Peiter “Mudge” Zatko “demonstrate an unacceptable disregard for data security that threatens national security and the privacy of Twitter’s users.”

In their letter, Judiciary Committee Chair Dick Durbin of Illinois and the panel’s top Republican, Chuck Grassley of Iowa, questioned Twitter about how it limits employee access to sensitive user data; the company’s procedures for protecting user data from being exposed to foreign intelligence; and claims that Twitter misled regulatory agencies on multiple occasions.

“The disclosure paints a disturbing picture of a company that has fallen short of basic security standards in the technology industry, failed to adequately mitigate attempts by foreign governments to gain access to sensitive user information, and willfully misled government regulators,” the pair wrote.

In July, Zatko filed an 84-page whistleblower complaint with the US Securities and Exchange Commission, Department of Justice and the Federal Trade Commission, alleging that his former employer prioritized user growth over privacy and security.

Zatko accused Twitter executives of hiding bad news instead of trying to fix problems he brought to their attention. Twitter appeared to have a high rate of security incidents, some employees had disabled security and software updates on their devices, and staff had too much access to user data, Zatko alleged in the complaint. Twitter pushed back against the allegations and said the whistleblower complaint has inconsistencies and inaccuracies and lacks important context.

Twitter didn’t immediately respond to a request for comment.
