In a whistleblower complaint, a former employee accuses Twitter of major security flaws.

Peiter Zatko, Twitter’s security chief until January, has filed a shocking whistleblower complaint alleging that the organization ignored major security flaws and misrepresented the number of “bots,” or fake profiles, on the platform. on the platform.

Zatko, also known as “Mudge,” is a well-known former hacker who filed a complaint with the Securities & Exchange Commission and the Federal Trade Commission last month. The Washington Post and CNN were the first to report on the complaint.

According to Zatko, Twitter executives ignored a number of security flaws, including failing to follow basic conventions such as properly safeguarding staff access to the core software, promptly deleting closed accounts, as well as installing and updating security software on company laptops and servers.

The whistleblower also claims that Twitter misled federal regulators about its progress in tightening up the privacy and security of its users’ accounts following a major hack.

According to the complaint, Twitter’s policy toward fake accounts incentivized “deliberate ignorance” by undercounting spam accounts and rewarding executives for increasing the number of users on the platform but not detecting bots.

According to Zatko, Twitter’s security flaws make the platform vulnerable to foreign spies, hacking, and disinformation campaigns.

The allegations come as Twitter is battling Elon Musk.

The complaint comes at a critical juncture for Twitter, which is preparing for a high-profile legal battle to compel billionaire Elon Musk to buy the company after agreeing to a $44 billion purchase deal.

But Musk is now looking to back out of the deal, claiming that Twitter was withholding information about the number of bots and spam on its platform, which the social media company has strongly denied.

The case between Twitter and Musk is set to go to trial on October 17.

Former CEO Jack Dorsey hired Zatko as Twitter’s security chief in 2020 after teenage hackers took over high-profile verified accounts, including those of former President Obama, then-presidential candidate Joe Biden, and Musk.

Twitter said in a statement that Zatko’s complaints are “riddled with inconsistencies and inaccuracies,” and that he was fired in January for poor performance. The complaint was also “opportunistic,” according to the company, and “designed to capture attention and inflict harm on Twitter, its customers, and its shareholders.”

Zatko claimed he tried to warn Twitter’s risk committee in January that executives were ignoring security flaws, but was fired two weeks later by CEO Parag Agrawal.