September 13, 2022

Durbin Delivers Opening Statement During Senate Judiciary Committee Hearing With Twitter Whistleblower Peiter "Mudge" Zatko

This hearing will focus on Mudge’s allegations of data security failures, foreign infiltration, and misrepresentations to regulatory agencies by Twitter

WASHINGTON – U.S. Senate Majority Whip Dick Durbin (D-IL), Chair of the Senate Judiciary Committee, today delivered an opening statement during the Senate Judiciary Committee hearing entitled “Data Security at Risk: Testimony from a Twitter Whistleblower.”

Key Quotes:

“Twitter now plays an outsized role in politics, culture, and even democracy itself.”

“In July 2020, two teenagers hacked into the accounts of Twitter employees and gained access to a number of high-profile accounts—including now President Biden’s and former President Obama’s. Those two teenagers then sent a series of tweets from those accounts, and scammed Twitter users out of more than $100,000 in Bitcoin. In response, then-CEO Dorsey turned to a trusted name in the world of cybersecurity to lead an overhaul of Twitter’s security practices, and for more than a year, that’s what he tried to do until he was terminated by Twitter’s new CEO this January.”

“Last month, this individual released a whistleblower disclosure detailing a number of alarming allegations about Twitter’s security practices. Without objection, his disclosure will be entered into the record. That whistleblower’s name is Peiter Zatko—or, as he’s more commonly known: Mudge.”

“You’ve alleged a number of security flaws and weaknesses within the company—flaws that may pose a direct threat to the safety and privacy of Twitter’s hundreds of millions of users as well as America’s national security. And more broadly, you allege that compared to other technology companies, Twitter’s security standards remain woefully deficient. You allege that thousands of employees within the company have extraordinary access to the sensitive information of Twitter’s users and that there is little oversight over how that information is accessed.”  

“Twitter doesn’t just have access to your tweets and email address, they also have access to all of the data necessary to directly access your device—and even pinpoint your exact location.”

“Imagine if a malicious hacker or hostile foreign government broke into the President’s Twitter account, and sent out false information claiming that there was a terrorist attack on one of our cities. It could cause widespread panic. The bottom line is this: Twitter is an immensely powerful platform that cannot afford gaping security vulnerabilities. Today, we have a chance to engage in a good faith, bipartisan discussion to ask: What needs to be done?”

Yesterday, Durbin and U.S. Senator Chuck Grassley (R-IA), Ranking Member of the Senate Judiciary Committee, sent a letter to Twitter Chief Executive Officer (CEO) Parag Agrawal seeking information regarding Mr. Zatko’s whistleblower report concerning the social media platform.  In their letter, Durbin and Grassley outline some of the more serious concerns raised by Mr. Zatko, including the prospect that more than half of the company’s full-time employees have privileged access to Twitter’s production systems, enabling several thousand employees to access sensitive user data—while, at the same time, Twitter reportedly lacks sufficient capacity to reliably know who has accessed specific systems and data and what they did with it.

Video of Durbin’s opening statement is available here.

Audio of Durbin’s opening statement is available here.

Footage of Durbin’s opening statement is available here for TV Stations.

-30-