SEC Probes Twitter Security Lapse Before Elon Musk Took Over

tech.hindustantimes.com:

The Securities and Exchange Commission is investigating how Twitter Inc. managed a 2018 security lapse that exposed personal user information before billionaire Elon Musk bought the social media platform last year. The agency has been scrutinizing whether the former top executives failed to adequately disclose those privacy issues to shareholders or put in place proper controls, according to people familiar with the matter who asked not to be identified discussing a confidential investigation. A bug on the social media platform had let outsiders view user email addresses during password resets, which revealed the identity of users, said one of the people.

The executives in charge at the time included Twitter's former Chief Financial Officer Ned Segal and former Chief Technology Officer Parag Agrawal, who became chief executive officer in 2021 after co-founder Jack Dorsey left the company. Dorsey was CEO in 2018.

It isn't clear whether an enforcement action will result from the review or when it will wrap up, the people said. None of the former executives has been accused of any wrongdoing.

Agrawal and Segal were ousted last year after Musk purchased the company for $44 billion. Musk, who changed the platform's name to X Corp., hired an outside law firm to do an internal investigation of complaints about lax computer-security measures at the company after he took over.

The SEC and a spokesman for Segal declined to comment. Spokespeople for X Corp. and Dorsey and a lawyer for Agrawal didn't respond to requests for comment.

Twitter suffered several security breaches in 2018, including discovery of a computer virus that left users' passwords exposed and a security flaw in Twitter's system that made it possible to identify the