Twitter Auditors Missed Lapses Later Exposed by Whistleblower

A previously undisclosed government-ordered audit of Twitter Inc.’s privacy and data controls missed failures later exposed by a whistleblower -- raising questions about oversight of major technology platforms.

The 2021 external audit, obtained by Bloomberg News in response to a public records request, concluded that the company had appropriate safeguards. Months later, the company’s cybersecurity chief had left and alleged that Twitter’s practices were marred by “egregious deficiencies.”

Ernst & Young LLP certified that Twitter’s information security program was appropriate for the company’s size and that its “security controls meet or exceed the protections required” by the US Federal ...