Leah Nylen and Jason Leopold report:
A previously undisclosed government-ordered audit of Twitter Inc.’s privacy and data controls missed failures later exposed by a whistleblower — raising questions about oversight of major technology platforms.
The 2021 external audit, obtained by Bloomberg News in response to a public records request, concluded that the company had appropriate safeguards. Months later, the company’s cybersecurity chief had left and alleged that Twitter’s practices were marred by “egregious deficiencies.”
Ernst & Young LLP certified that Twitter’s information security program was appropriate for the company’s size and that its “security controls meet or exceed the protections required” by the US Federal Trade Commission under a 2011 consent decree.
Read more at Bloomberg.
In somewhat related news, see Musk’s lawyer tells Twitter staff they won’t be liable if company violates FTC consent decree.