Connect with us

Hi, what are you looking for?


Unearthed Government Report Found SEC Lacking “Effective” Cybersecurity Programs Two Weeks Before X Hack: Fox

The United States Securities and Exchange Commission (SEC) received a report from the Office of Inspector General (OIG) alleging that its cybersecurity program was lacking just two weeks before the commission’s X account was hacked on January 9, according to Fox Business reporter Eleanor Terrett.

SEC Received OIG Report Two Weeks Before X Hack

Eleanor Terret tweeted on May 6 about the issue, highlighting a December 2023 OIG report, an independent evaluation by contractor Cotton & Company Assurance and Advisor concluded that the federal regulator fell short of “effectively mitigating security weaknesses.”

“To improve the SEC’s information security program, we urge management to take action to address areas of potential risk identified in this report,” the report read.

The nearly 30-page document highlighted a list of much-needed improvements to the SEC’s security protocols, including maintaining its vulnerability disclosure policy and logging meeting requirements.

NEW: Remember the @SECGov X hack from January 9th? The last update from the agency on January 22 stated that it was working with the Office of the Inspector General and several outside agencies including the FBI about the incident.

But apparently in 2023, the SEC OIG got an…

— Eleanor Terrett (@EleanorTerrett) May 6, 2024

“I am pleased your report identified improvements to SEC’s information security program across several domains, such as risk management, supply chain, security training, and continuous diagnostics and monitoring,” the SEC’s Chief Information Officer David Bottom said in a December 2023 letter to OIG. “The SEC’s Office of Information Technology (OIT) continues to focus on improving maturity throughout the program, even though not all metrics are evaluated and scored each year.”

After receiving OIG’s report on its underperforming security program, the federal agency was ordered to submit an action plan within 45 days. The SEC was hacked shortly after on January 9 when an authorized party gained access to the commission’s X account and posted a fake spot Bitcoin ETF approval announcement.

Cybersecurity Program Questioned Following Report

According to CoinDesk, the hack resulted in $90 million in liquidations, prompting market manipulation concerns.

Fraudulent announcements, like the one that was made on the SEC’s social media, can manipulate markets. We need transparency on what happened.

— Senator Cynthia Lummis (@SenLummis) January 9, 2024

“Deeply concerned with this alleged hack of the SEC’s Twitter account,” Congresswoman Anne Wagner stated. “This is clear market manipulation that impacted millions of investors. I plan to get more answers from Chair Gensler on this incident.”

The federal agency was later found to have not enabled two-factor authentication, allowing an unknown party to access the commission accounts via a SIM-swapping attack.

“Access to the phone number occurred via the telecom carrier, not via SEC systems,” the SEC said in a statement shortly following the hack. “SEC staff have not identified any evidence that the unauthorized party gained access to SEC systems, data, devices, or other social media accounts.”

Despite its obvious vulnerabilities, it is unclear if or when the federal commission will face reprimand for the incident.

The post Unearthed Government Report Found SEC Lacking “Effective” Cybersecurity Programs Two Weeks Before X Hack: Fox appeared first on Cryptonews.

You May Also Like

Editor's Pick

For years the North Korean playbook was obvious to the world. The Democratic People’s Republic of Korea wanted to be the center of attention....

Editor's Pick

After the final lecture of my Fall 2022 International Economic Policy course (an undergraduate offering meant to introduce non-economics majors to the economics of...

Editor's Pick

In Risky Business: Why Insurance Markets Fail and What to Do About It (Yale University Press, 2023), economists Liran Einav (Stanford), Amy Finkelstein (MIT),...

Editor's Pick

Real gross domestic product rose at a revised 3.2 percent annualized rate in the third quarter versus a 0.6 percent rate of decline in...

Disclaimer:, its managers, its employees, and assigns (collectively “The Company”) do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

Copyright © 2024