The Securities and Exchange Commission is investigating how Twitter Inc. managed a 2018 security lapse that exposed personal user information before billionaire Elon Musk bought the social media platform last year.
The agency has been scrutinizing whether the former top executives failed to adequately disclose those privacy issues to shareholders or put in place proper controls, according to people familiar with the matter who asked not to be identified discussing a confidential investigation. A bug on the social media platform had let outsiders view user email addresses during password resets, which revealed the identity of users, said one of the people.
