SEC victim of hacking, filing system breached

Hackers may have profited from insider trading by using stolen confidential information

The US Securities and Exchange Commission was subject to hacking last year, it has disclosed. It said that its database of corporate announcements was breached and cybercriminals may have used the information for profit.

In a statement, SEC chairman Jay Clayton said that last month it had learned that an incident previously detected in 2016 "may have provided the basis for illicit gain through trading". It added that a software vulnerability in the test filing component of its EDGAR system, which was patched promptly after discovery, was exploited and resulted in access to non-public information.

"Notwithstanding our efforts to protect our systems and manage cybersecurity risk, in certain cases, cyber threat actors have managed to access or misuse our systems," said Clayton.

"We believe the intrusion did not result in unauthorized access to personally identifiable information, jeopardize the operations of the Commission, or result in systemic risk. Our investigation of this matter is ongoing, however, and we are coordinating with appropriate authorities."

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

"Effective management of internal cybersecurity risk is critical to the SEC achieving its mission and to protecting the non-public information that is entrusted to this agency," SEC Commissioner Michael S. Piwowar said in a statement.

Ilia Kolochenko, CEO of web security company High-Tech Bridge, told IT Pro that the disclosed breach may have disastrous consequences outshining Equifax.

"Cybercriminals could have manipulated the entire stock market and make billions of illicit profit. Ethical investors, including pension and sovereign funds, without the insider information could have lost fortunes as a result," he said.

"This incident clearly exposes how vulnerable our global financial ecosystem is, and how unprepared we are to fight skyrocketing cybercrime. In the future, we will see a steady fusion of common crime with cyber gangs that jointly may challenge state power and dictate their laws, while law enforcement agencies are catastrophically underfinanced by governments and just don't have enough resources to tackle global cybercrime."

Featured Resources

How inkjet can transform your business

Get more out of your business by investing in the right printing technology

Download now

Journey to a modern workplace with Office 365: which tools and when?

A guide to how Office 365 builds a modern workplace

Download now

Modernise and transform your sales organisation

Learn how a modernised sales process can drive your business

Download now

Your guide to managing cloud transformation risk

Realise the benefits. Mitigate the risks

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/mobile/28299/how-to-use-chromecast-without-wi-fi
Mobile

How to use Chromecast without Wi-Fi

5 Feb 2020
Visit/security/34616/the-top-ten-password-cracking-techniques-used-by-hackers
Security

The top ten password-cracking techniques used by hackers

10 Feb 2020
Visit/operating-systems/microsoft-windows/354739/windows-7-bug-blocks-users-from-shutting-down-their-pcs
Microsoft Windows

Windows 7 bug blocks users from shutting down their PCs

10 Feb 2020
Visit/hardware/354723/coronavirus-starts-to-take-its-toll-on-the-tech-industry
Hardware

Coronavirus starts to take its toll on the tech industry

6 Feb 2020