SEC X Account Hack Is Not A System-Related Problem

Key Points:

• The SEC reassures no system breach despite an unauthorized tweet on its @SECGov account claiming fake Bitcoin ETF approval.
• SEC staff promptly regains control, deletes the deceptive post, and initiates investigations, including FBI involvement, to determine the breach’s origin.
• The SEC X account hack underscores ongoing challenges in securing financial regulatory bodies.

In a recent incident, the U.S. Securities and Exchange Commission (SEC) clarified that its systems and devices remained secure despite a fake Bitcoin ETF approval announcement posted on its @SECGov X account.

SEC X Account Hack: Unauthorized Post Sparks Investigation

On Tuesday, January 9, 2024, an unauthorized party accessed the account by gaining control of the associated phone number. The deceptive post, claiming the Commission’s approval of spot bitcoin exchange-traded funds, was made at 4:11 p.m. ET. Although the party deleted a subsequent post, there’s no evidence they breached SEC systems or data.

The SEC swiftly responded, affirming that staff retained control, promptly deleting the fake post, unliking unrelated tweets, and updating the main @SECgov account within 30 minutes.

Internally and externally, investigations are underway to ascertain the origin and potential profit from this social media breach. The FBI has joined the probe into the SEC X account hack that disrupted the Bitcoin world just ahead of the SEC’s legitimate approval of a Bitcoin exchange-traded fund.

While acknowledging the ongoing assessment of the SEC X account hack scope, the agency emphasized that no evidence points to the unauthorized party accessing SEC systems, data, devices, or other social media accounts.

This SEC X account hack raises concerns about cybersecurity defenses, given the SEC‘s critical role in regulating U.S. companies and markets. The agency, which previously faced a 2016 cyberattack compromising its corporate filings database, underscores the persistent challenge of safeguarding against cyber threats in the financial regulatory landscape.