Twitter Paid Whistleblower $7 Million For His Silence


Just days before whistleblower Peiter Zatko filed a complaint about behavior at Twitter, the company agreed to a $7 million settlement in June that included a nondisclosure agreement, the Wall Street Journal reported Thursday.

Zatko, also known online by the pseudonym “Mudge,” was still able to file the whistleblower complaint despite the requirement in his severance package not to disparage Twitter or speak publicly about his time there, because of exceptions made for whistleblower complaints or Congressional hearings, the WSJ reported, citing people familiar with the matter. Zatko’s claims, which have since become central to Elon Musk’s attempt to renege on an ongoing deal to purchase Twitter, have been criticized by Twitter’s lawyers as “riddled with inconsistencies and inaccuracies,” in an Aug. 30 letter to the Securities and Exchange Commission.

Zatko first approached the nonprofit Whistleblower Aid in March, around three months before his settlement with Twitter, the WSJ reported. The information in Zatko’s complaint became public on Aug. 23 from simultaneous reports by CNN and The Washington Post.

Zatko reportedly negotiated aggressively during the settlement talks, at one point raising his initial demands by five times, although the amount of the initial demands could not be confirmed by the WSJ. Zatko, initially hired in late 2020 in response to a severe security breach at Twitter, was later fired for what Twitter claims was “ineffective leadership and poor performance,” according to the WSJ.

Zatko is a well-known and respected hacker-turned-cybersecurity-researcher who first rose to prominence in the 1990s with a group of fellow hackers known as the L0pht group, according to the WSJ. The group was famous for warning companies and the public alike of cybersecurity dangers; in 1998 they told Congress the internet was so vulnerable they could shut it down in about 30 minutes.

The L0pht group was also at the forefront of developing the modern cybersecurity practice of publicizing corporations’ bugs and security flaws to pressure them into rectifying them, according to the WSJ. The practice was originally incredibly controversial, but has since become standard in the cybersecurity industry.

“Mudge is respected in the policy community for bringing clear explanations of what matters in tech to policy makers,” Tarah Wheeler, CEO of security firm Red Queen Dynamics Inc., told the WSJ. “He’s ethical, careful and sees the bigger picture.”

Zatko identified several security flaws, including the fact that a majority of Twitter employees could access user data and that executives hid flaws from Twitter’s board, the WSJ reported. However, he was unable to get the organization to take his concerns seriously, expressing frustration in his whistleblower complaint with former CEO Jack Dorsey, whom he accused of only attending meetings “sporadically” and not weighing in on “complex corporate issues.”

Twitter declined to comment for the Daily Caller News Foundation.
