agreed in June to pay roughly $7 million to the whistleblower whose allegations will be part of
case against the company, according to people familiar with the matter.
The settlement was completed days before
filed his whistleblower complaint in July. Mr. Zatko is the hacker who was Twitter’s security head before being fired in January. In his whistleblower complaint, Mr. Zatko accuses the company of failing to protect sensitive user data and lying about its security problems.
Twitter’s confidential June settlement was related to Mr. Zatko’s lost compensation and followed monthslong mediation over tens of millions of dollars in potential pay, the people said. Such compensation agreements aren’t unusual when an executive departs a company prematurely and leaves behind potential stock options and other money.
As part of the settlement, Mr. Zatko agreed to a nondisclosure agreement that forbids him from speaking publicly about his time at Twitter or disparaging the company, the people said. Congressional hearings and governmental whistleblower complaints are two of the few venues in which he is permitted to speak openly, they said, and such exemptions are typical in compensation settlements.
Mr. Zatko is set to testify before the U.S. Senate Judiciary Committee on Tuesday to discuss his allegations of security failures at Twitter. The same day, Twitter shareholders are being asked to vote on Mr. Musk’s proposed takeover of the social-media company.
Since his complaints became public, Mr. Zatko has become a central figure in a legal battle by Twitter to force Mr. Musk to follow through with his deal to buy the company for $44 billion. In a hearing on Tuesday, one of Mr. Musk’s lawyers referenced Twitter paying Mr. Zatko $7 million, though didn’t specify that the compensation was part of a settlement.
Mr. Zatko said in his complaint that he “uncovered extreme, egregious deficiencies by Twitter in every area of his mandate,” including privacy, digital and physical security, platform integrity and content moderation.
Twitter has said Mr. Zatko was fired “for ineffective leadership and poor performance” and that his whistleblower complaint “is riddled with inconsistencies and inaccuracies and lacks important context.”
Mr. Musk, meanwhile, is being sued by Twitter after attempting to back out of his deal to buy the company. He has been arguing that Twitter misrepresented its business, particularly as it relates to the level of spam or bot accounts, which Twitter denies. On Wednesday, a judge ruled that Mr. Musk can amend his countersuit against Twitter to incorporate allegations from Mr. Zatko’s complaint.
A five-day nonjury trial is scheduled to start Oct. 17 in Delaware Chancery Court.
At one point during the negotiations, Mr. Zatko increased his settlement demand by roughly five times, some of the people familiar with the matter said. It couldn’t be learned what his demand was at the time, and it is typical for executives to ask for much more than they ultimately receive.
Mr. Zatko’s concerns about Twitter became public in late August after a whistleblower complaint he had sent to the Securities and Exchange Commission, the Justice Department and the Federal Trade Commission was leaked to media outlets including the Washington Post and CNN.
founder of Whistleblower Aid, an organization that helped file the whistleblower claims, previously told The Wall Street Journal that Mr. Zatko first approached the nonprofit in early March. Mr. Tye also said Mr. Zatko has never met or spoken with Mr. Musk and that Mr. Musk’s team hasn’t been in contact with the nonprofit about Mr. Zatko’s complaint.
“Mr. Zatko could have stayed silent about what he saw at Twitter to protect his career and family,” one of Mr. Zatko’s lawyers,
of Katz Banks Kumin, said in a written statement. “Instead, he came forward with his whistleblower disclosures to ensure that the government has the information it needs to protect Twitter’s users, investors, and the country.”
Twitter hired Mr. Zatko in late 2020 when co-founder
brought him in after a high-profile hack by a teenager who bypassed the company’s securities systems.
Mr. Zatko, known as “Mudge,” has been a noted computer-security researcher for decades. He was a member of a Boston cybersecurity collective that came to prominence in 1998 when it offered warnings about the state of national cybersecurity in testimony to the U.S. Senate.
Mr. Musk’s team has argued that the whistleblower claims could support its allegations that Twitter committed fraud by misrepresenting the condition of its business and crucial metrics about the users on its platform.
Twitter’s team countered by describing Mr. Zatko as a disgruntled former employee with an ax to grind and arguing his unsubstantiated complaints after an unsuccessful tenure shouldn’t be included in the Delaware suit. It also has said Mr. Zatko’s work at the company wasn’t related to the alleged undercounting of spam and bot accounts that Mr. Musk cited in his counterclaims.
Write to Cara Lombardo at [email protected]
Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8