Fed agency urging corporate cybersecurity upgrades is hacked

September 21, 2017 by The Associated Press
In this March 23, 2017, file photo, Securities and Exchange Commission (SEC) Chairman nominee Jay Clayton testifies on Capitol Hill in Washington at his confirmation hearing before the Senate Banking Committee. The SEC says a cyber breach of a filing system it uses may have provided the basis for some illegal trading in 2016. In a statement posted Wednesday, Sept. 20, evening on the SEC's website, Clayton says a review of the agency's cybersecurity risk profile determined that the previously detected "incident" was caused by "a software vulnerability" in its EDGAR filing system. (AP Photo/Pablo Martinez Monsivais, File)

The federal agency responsible for ensuring that markets function as they should and for protecting investors was hacked last year and the intruders may have used the nonpublic information they obtained to profit illegally.

The disclosure arrived two months after a government watchdog said deficiencies in the computer systems of the Securities and Exchange Commission put the , and the information it contains, at risk.

In July, the Government Accountability Office issued a critical report about the security measures employed by the SEC, citing a number of deficiencies in "the effectiveness of SEC's controls for protecting the confidentiality, integrity, and availability of its information systems." It issued 26 recommendations that it said would make SEC systems more secure.

According to the SEC, the breach was discovered last year, but the possibility of illicit trading was uncovered only last month. It did not explain why the hack itself was not revealed sooner, or which individuals or companies may have been impacted.

In a prepared statement, SEC Chairman Jay Clayton said a review of the agency's cybersecurity risk profile determined that the previously detected incident was caused by "a software vulnerability" in its filing system known as EDGAR, short for Electronic Data Gathering, Analysis, and Retrieval system. Clayton said SEC has been conducting an assessment of its cybersecurity since he took over as chairman in May.

The SEC files financial market disclosure documents through its EDGAR system, which processes more than 1.7 million electronic filings in any given year. Those documents can cause enormous movements in the market, sending billions of dollars in motion in fractions of a second.

The revelation from the critical agency comes as Americans grapple with the repercussions of a massive, months-long hack at the credit agency Equifax, which exposed highly sensitive personal information of 143 million people. Clayton said the agency's breach did not result in exposing personally identifiable .

The SEC hasn't said whether it is investigating the hack at Equifax, but the agency for years has leaned on publicly traded corporations to strengthen their own cybersecurity systems.

An investigation into the breach and its possible consequences is ongoing, and the SEC said that it is cooperating with the "appropriate authorities."

Explore further: Equifax says 100,000 Canadians' data hacked

Related Stories

Equifax says 100,000 Canadians' data hacked

September 19, 2017

The personal information of 100,000 Canadians may have been compromised in a hack of Equifax revealed earlier in the month, the credit data company said Tuesday.

143 mn affected in hack of US credit agency

September 8, 2017

A major American credit reporting agency entrusted to safeguard personal financial information said Thursday hackers looted its system in a colossal breach that could affect nearly half the US population as well as people ...

US watchdog confirms probe of huge Equifax data breach

September 14, 2017

A US consumer protection watchdog agency said Thursday it has begun an investigation into a massive data breach at credit bureau Equifax that may have leaked sensitive information on 143 million people.

Equifax executives step down after major hack (Update)

September 16, 2017

Equifax has replaced two senior executives entrusted with watching over its computers, after the credit reporting agency revealed it suffered a major hack that led to one of the worst-ever breaches of personal data.

Equifax says it had a security breach earlier in the year

September 19, 2017

Equifax, under pressure from a massive data breach, says it had a separate incident earlier this year. That may mean even more scrutiny as the company deals with the aftermath of a security failure that exposed the information ...

Recommended for you

Flying Dutch win world solar car race in Australia

October 12, 2017

Dominant Dutch team "Nuon" Thursday won an epic 3,000-kilometre (1,860-mile) solar car race across Australia's outback for the third-straight year in an innovative contest showcasing new vehicle technology.

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.