SEC: Hack used to make illegal gains

Ken Copeland
September 22, 2017

The U.S. Securities and Exchange Commission said Wednesday night that its online filing system was hacked and the culprits may have made profits illicit trades.

The SEC disclosure came two weeks after credit-reporting company Equifax Inc said a breach has exposed sensitive personal of data up to 143 million us customers, and follows last year's cyber attack on SWIFT, the global bank messaging system.

Earlier this year the SEC filed fraud charges against a mechanical engineer who was accused of "scheming to manipulate the price of Fitbit stock by making a phoney regulatory filing" on the EDGAR system.

And the lack of details from the SEC about the breach will likely raise questions about what other EDGAR data may have been exposed, such as information related to ongoing financial investigations and sensitive personal information, Rossi said.

It says that the system has been patched to remove this software vulnerability.

The hacking, it said, "may have provided the basis for illicit gain through trading".

The order put responsibility for cybersecurity on the shoulders of the director of every federal agency, making it more hard for executives to pass the buck to their information technology staffs.

Deals: Amazon India offers great discounts, iPhone prices cut up to 30%
A 32-inches HD ready LED TV by Intex Avoir is being offered at 43% off at Rs 12,499, instead of Rs 21,990. The phone is available at Rs 12,990 after a discount of 32 percent on the initial price of Rs 18,990.

James Corden Admits He's "Disappointed" by Photo of Himself Kissing Sean Spicer
Attempting to provide an explanation, Corden blamed celebratory drinks at the Emmys afterparty. In his defense, Corden joked, "To be fair, everyone was kissing ass last night at the Emmys".

Zapad - photos from exercise that is causing angst in North Atlantic Treaty Organisation
According to the Russian portal, the accident happened on Monday at the Luzhsky range, near from the Estonian border. According to a report by Moscow Times , two people were hospitalised with serious injuries after the incident.

The SEC said it has been conducting an assessment of its cybersecurity since Clayton took over as chairman in May.

The hackers exploited a software glitch in the test filing component of the system to gain access to non-public information, the agency said. It also found that the SEC did not always encrypt information and had failed to fully implement recommendations from the GAO that would help detect intrusion.

The SEC discussed the 2016 hack in a lengthy statement by Clayton on the agency's cybersecurity efforts. Clayton said the agency's breach did not result in exposing personally identifiable information.

But as one of the world's largest collectors of sensitive information, America's federal government is a major target for hackers from both the private sector and foreign governments.

"Failure to do so may result in an enforcement action", he warned, although the SEC is yet to ever bring any such action against a non-complying company.

"Notwithstanding our efforts to protect our systems and manage cybersecurity risk, in certain cases cyber threat actors have managed to access or misuse our systems", Clayton said in the statement.

In this case, the men were accused of using hackers to break into companies like Business Wire and PR Newswire over a period of five years to steal 150,000 not-yet-public news releases of publicly traded companies.

Other reports by Guamnewswatch

Discuss This Article