Twitter whistleblower Peiter ‘Mudge’ Zatko’s testimony was ‘terrifying’ for Capitol Hill staffers

Whistleblower Peiter “Mudge” Zatko’s dramatic Congressional testimony last week about “egregious” security problems at Twitter left some Capitol Hill aides on edge. 

Zatko, Twitter’s ex-security chief, described a litany of alleged privacy and national security risks, including the site hiring a Chinese spy and giving thousands of employees the ability to access users’ accounts.

“[It’s] not far-fetched to say that employees inside the company could take over the accounts of all of the Senators in this room,” Zatko warned last Tuesday. 

His comments left some Capitol Hill staffers fretting not just about their bosses’ Twitter accounts — but also about their own. 

When they’re not fetching coffee or talking policy, many Congressional staffers use Twitter’s direct messages to gossip with each other and leak information to reporters.

Zatko’s comments caused some aides to wonder whether their private messages could fall into the hands of foreign spies or get back to their bosses. 

“It was terrifying,” one Congressional staffer told The Post, adding that people on the Hill are “nervous.”

With the threat of Chinese spies snooping on their DMs, Capitol Hill chatterboxes could turn to texting, old-fashioned phone calls or encrypted messaging apps like Signal.

“I wouldn’t have any substantive conversations on Twitter at this point,” the aide said.

Twitter says that users have no reason to worry about their accounts being compromised.

Following Zatko’s testimony last week, the site said that its hiring process is secure and that last week’s testimony “only confirms that Mr. Zatko’s allegations are riddled with inconsistencies and inaccuracies.”

Twitter hired Zatko in November 2020 following a high-profile breach in which hundreds of accounts belonging to figures including Joe Biden, Barack Obama, Elon Musk and Kanye West were hijacked to promote a cryptocurrency scam.

The company fired him in January 2022 for what it has said was “poor performance and ineffective leadership.”