Republican Senator Chuck Grassley is urging Twitter to “immediately” correct “significant security failures” reported by whistleblower Peiter Zatko, the company's former security chief.
“Twitter collects vast amounts of data on American citizens,” the lawmaker from Iowa said in a letter sent to CEO Elon Musk on November 22. “In the hands of a foreign adversary, this data is a gold mine of information that could be used against American interests. Twitter has a responsibility to ensure that the data is protected and doesn’t fall into the hands of foreign powers.”
The letter comes several months after Zatko testified to the Senate Judiciary Committee about potential security lapses at the company.
Grassley references that testimony in his letter, writing that Zatko “made clear that a compromised Twitter employee working on behalf of a foreign power could use this access to collect data on Americans and even hack other parts of a user’s phone to access files, photos, or conversations that could then be used to extort, blackmail, or collect intelligence.”
In September, Grassley, along with Senator Dick Durbin (D-Illinois), demanded answers about security from Twitter's former CEO Parag Agrawal.
The lawmakers posed a series of lengthy questions to Agrawal, including ones relating to how the company protects consumer data from foreign intelligence.
Grassley writes that Agrawal did not answer the questions, due to the then-pending litigation with Musk over his attempt to back out of purchasing the company.
The lawmaker is now asking Musk to answer the same questions by December 15, and also to “perform a threat assessment of Twitter’s security protocol to better protect user data and privacy.”
“Now that you have completed your acquisition of Twitter, you are uniquely positioned to provide answers to Congress where your predecessor failed,” Grassley writes.