Former Twitter security chief alleges company hasn't disclosed 'egregious deficiencies'

Twitter executives deceived federal regulators and its own board of directors about the extent of the social media platform’s “extreme, egregious deficiencies” to prevent hacking and its marginal efforts against spam, according to a whistleblower complaint from the company’s former security chief.

The complaint was filed by former Twitter security chief Peiter Zatko, and a copy of the complaint was obtained by The Washington Post.

Zatko, also a well known hacker known as "Mudge," in his complaint portray’s Twitter as a disorganized and directionless company that cannot protect its 238 million daily users, which includes government agencies, heads of state and other influential public figures.

Twitter has yet to publicly respond to requests for comment.

The complaint comes amid increasing complaints and scrutiny of Twitter on such issues as hacking, content that is misinformation, content censuring and "bots" – fake accounts that inflate the platform's user numbers.

Among the most serious accusations in the complaint is that Twitter violated the terms of an 11-year-old settlement with the Federal Trade Commission by falsely claiming that it had a solid security plan, the newspaper reports in its roughly 3,800-word report. 

Zatko’s complaint alleges he had warned colleagues that half the company’s servers were running outdated and vulnerable software and that executives withheld facts about the number of breaches and lack of protection for user data.

They instead presented directors with charts measuring unimportant changes, he alleges.

The complaint was filed last month with the Securities and Exchange Commission, Justice Department and Federal Trade Commission. The Post said a redacted version of the 84-page filing went to congressional committees and it obtained a copy from a senior Democratic aide.

Zatko is represented by the nonprofit law firm Whistleblower Aid.