The United States Securities and Exchange Commission (SEC) recently experienced a security breach involving unauthorized access to its official Twitter account, @SECGov X. The incident was confirmed by SEC Chairman Gary Gensler, who reassured the public that there was no evidence of the breach extending to SEC systems or data.
The unauthorized party gained access to the account by taking control of the associated phone number, a technique similar to SIM-swapping attacks. Ironically, Gensler had previously recommended multi-factor authentication as a countermeasure to such attacks. The Office of Public Affairs staff managed to recover the account, removing the initial post by the malicious actor and reversing the “liked” status of previous posts.
The compromise was acknowledged in a post from @SECGov at 4:42 pm on the day of the incident. It is inferred that the hacker lost access to the account between 4:40 pm ET and 5:30 pm ET. The breach occurred around the time of the SEC’s landmark decision on spot Bitcoin ETF applications.
Despite the intruder’s actions, which included liking posts by non-SEC accounts and making a cryptocurrency-related post, investigations have revealed no harm to SEC systems, data, devices, or other social media accounts. Gensler emphasized the SEC’s commitment to evaluating the breach’s impact on other agencies, crypto investors, and marketplaces.
Recognizing the broader implications for the security of the SEC’s social media presence, Gensler stated that ongoing assessments will determine if additional remedial measures are necessary. The incident has prompted calls for a comprehensive investigation into the agency’s cybersecurity practices, with Senators Ron Wyden and Cynthia Lummis advocating for an independent probe.
The SEC is collaborating with law enforcement and security agencies such as the Federal Bureau of Investigation (FBI) and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) to identify the responsible party and assess the full extent of the breach.
Gensler affirmed that the Commission staff are still assessing the impacts of this incident on the agency, investors, and the marketplace. As the investigation unfolds, the SEC urges continued vigilance and emphasizes the need for robust cybersecurity practices in the financial sector.
This News Article was automatically generated by Bob the Bot (AI)
Information | Details |
---|---|
Geography | North America |
Countries | 🇺🇸 |
Sentiment | negative |
Relevance Score | 1 |
People | Cynthia Lummis, Gary Gensler, Ron Wyden |
Companies | Office of Public Affairs, Federal Bureau of Investigation, Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, United States Securities and Exchange Commission, X.com |
Currencies | Bitcoin |
Securities | None |