- Twitter lifts ‘permanent’ suspension of activist Barrett Brown Monday 5:52 PM
- Billie Eilish fans fend off objectifying comments on tank top photo Monday 5:32 PM
- Groom’s mother sabotages wedding by tricking guests into wearing jorts and hoodies Monday 4:39 PM
- No one believes Bill de Blasio’s son sent him these debate prep texts Monday 3:26 PM
- Meek Mill, Jay-Z to release ‘Free Meek’ documentary on Amazon Prime Monday 3:20 PM
- 3 ways to secure your Nest cameras Monday 3:15 PM
- This Pokémon generator site is creating hilarious monsters Monday 2:48 PM
- MrBeast impersonator tricks kid into destroying his XBox Monday 12:50 PM
- This mom has the perfect nickname for her nonbinary kid Monday 12:25 PM
- Netflix tests pop-out player that will allow viewers to multitask Monday 11:44 AM
- Man allowed to sue media publishers over readers’ Facebook comments Monday 11:42 AM
- Republicans slammed for joke about ‘heavily armed militia’ at Oregon statehouse Monday 11:30 AM
- New bill wants tech companies to tell you how much your data is worth Monday 10:53 AM
- AOC has the best response to Steve King’s ‘concentration camp’ criticism Monday 10:19 AM
- Did Jake Paul and Tana Mongeau just get engaged? Monday 9:26 AM
Photo via Dave Center (CC-BY)
The Government Accountability Office had warned of SEC’s vulnerabilities.
The Securities and Exchange Commission (SEC) revealed this week that it was investigating a 2016 breach of its computer systems by hackers who may have exploited the private data accessed to conduct profitable trades.
The regulator’s corporate filing system, called EDGAR, is used by publicly traded companies to make highly sensitive and legally required report submissions.
In the disclosure, made in a lengthy cybersecurity statement issued on Wednesday evening, the agency said that hackers had gained entry to this system during 2016. SEC officials were unaware of the breach until August 2017 and quickly patched the security vulnerability, the agency said.
The securities regulator did not clarify which companies were affected or details about the vulnerability, but the hushed revelation comes just a week after it was reported that consumer credit reporting agency Equifax suffered a major breach exposing the personal information of 143 million Americans.
In July 2016, one month before the SEC breach was uncovered, the Government Accountability Office published a report that criticised the “limited effectiveness” of SEC’s computer systems “for protecting confidentiality, integrity, and availability.” What’s more, the report revealed that the regulator had failed to encrypt information and adequately apply important recommended security procedures.
The statement issued by SEC late Wednesday was, in part, a response to that negative assessment that made assurances that security recommendations had now been applied. Under the leadership of its new director, Walter Clayton, this has become a stated priority.
A 2015 case was brought by the agency against fraudulent insider trading ring that had paid Ukrainian hackers to gain access to sensitive information. The breach revelation, however, will exacerbate already present fears that regulators like SEC will be increasingly the target of such attacks by criminals seeking an advantage on the stock markets.
David Gilmour is a reporter who specializes in national politics, internet culture, and technology. He previously covered civil liberties, crime, and politics for Vice.