Twitter Pressured to Give Information on Alleged Saudi Spies

(Bloomberg) -- Republicans on the House Committee on Oversight and Reform are pressuring Twitter Inc. to disclose information about a 2015 data breach at the company involving former employees who allegedly worked as spies for the government of Saudi Arabia.

Representative James Comer, a Kentucky Republican and the ranking member on the committee, wrote to Twitter Chief Executive Officer Jack Dorsey on Sept. 2, accusing the company of “mismanagement” and stating that he will “consider all possible options, including legislation, to ensure Twitter’s security no longer puts people’s lives at risk.”

Comer’s letter was partly in response to an Aug. 19 Bloomberg report, which detailed allegations about two former Twitter employees who are said to have secretly worked for the Saudi government, gathering internal data on anonymous Saudi Twitter users in return for gifts and cash, or promises of future employment.

Read More: Twitter Security Breach Blamed for Saudi Dissident Arrests

The data gathered by the two employees was allegedly shared with Saudi officials, who used it to harass or arrest people critical of the government, including humanitarian aid worker Abdulrahman al-Sadhan, who was detained by secret police in Riyadh on March 12, 2018, according to lawsuits, human rights groups and the sister of al-Sadhan.

“Twitter’s lack of transparency about any actions it has taken to provide more robust oversight and security gives the appearance the company believes it bears no responsibility for any of the crimes committed using its platform,” Comer wrote. “Twitter appears to place far too much trust in too many people, granting them extraordinary access to people’s data and personal information.

“Twitter has refused to address these concerns,” he added. “Now, it would seem from the reports involving Saudi Arabian spies, Twitter’s mismanagement may have led to the deaths of dissidents.”

In a Sept. 11 letter to Comer, Twitter declined to provide him with information about the case on the grounds that investigations are underway. “We work closely with our peers and industry experts to promote cybersecurity best practices to prevent intrusions while also working with law enforcement to identify bad actors and help bring them to justice,” wrote Jessica Herrera-Flanigan, a Twitter vice president for public policy and philanthropy. A copy of the letter was seen by Bloomberg News.

Comer has repeatedly pressured Twitter in recent months. On July 15, hackers breached the social media platform and compromised 130 accounts, including those of Barack Obama, Joe Biden, Jeff Bezos and Elon Musk. A 17-year-old Florida man was accused of being the mastermind, and two others were arrested for their role in the scheme, a cryptocurrency scam that allegedly netted more than $100,000. Comer wrote to Twitter the following day, requesting information about Twitter’s response to the incident. Later in July, Twitter organized a briefing for members of the House Committee on Oversight and Reform.

“Twitter clearly does not take security and oversight of its practices seriously,” a Republican spokesperson for the committee told Bloomberg. “Absent concrete action from Twitter to address these concerns, the committee is reviewing its options.”

A Twitter spokesperson said the company has “been in communication with and have briefed various congressional committees and individual representatives on the recent security incident many times.”

“We have also consistently communicated proactively to the public on this issue, publishing live tweets, blog posts and proactive outreach to our customers on every specific detail that we can share around an ongoing legal investigation,” the spokesperson said.

©2020 Bloomberg L.P.