SEC chairman faces questions from Congress after data breach

September 26, 2017 by Ken Sweet
In this March 23, 2017, file photo, Securities and Exchange Commission Chairman nominee Jay Clayton testifies on Capitol Hill in Washington at his confirmation hearing before the Senate Banking Committee. Clayton, now SEC chairman, is likely to face an especially tough hearing in front of Congress on Tuesday, Sept. 26, 2017, after the agency acknowledged that it also was a victim to a hack. (AP Photo/Pablo Martinez Monsivais, File)

The chairman of the Securities and Exchange Commission is likely to face an especially tough hearing in front of Congress on Tuesday, after the agency acknowledged that it also was a victim to a hack.

News about the of an SEC network that delivers news and data to investors follows the disclosure of the massive data breach from credit company Equifax that allowed hackers to access or steal the personal information of 143 million Americans.

Jay Clayton, who has been at the head of the SEC since May, is not likely to face calls for his removal since the breach happened a year ago, before he was sworn in. But he may be questioned about whether the SEC—the federal government's main arm for enforcing rules and regulations on Wall Street—is up to the task of keeping data secure.

WHAT QUESTIONS MAY CLAYTON FACE?

Two major issues in this SEC breach are the potential for insider trading and whether the SEC knew about the for months and only recently decided to disclose it.

The SEC operates a system known as EDGAR, which allows publicly traded companies to upload digitally the documents they are required to share with investors. What appeared to happen is that hackers were able to get into the system in a way that allowed them to see companies filing their documents to the SEC but before those documents would be dispersed to the general public.

Clayton will likely have to answer how probable it is that took place and what the scope of it might be. He is also likely to be asked why the commission sat on the news of this breach until August when it happened a year ago. The hack occurred despite repeated warnings in recent years about weaknesses in the agency's data security controls. Members of the Senate Banking Committee may well want to know what the SEC has done to secure its systems.

WHY IS THIS A BIG DEAL?

The hack of the document system is especially worrisome because of how widely investors have used and trusted the system, which came online in the early 1990s. Companies use EDGAR to alert investors to important developments that could affect their share prices, like government investigations, executive shake-ups and approaches for a takeover. If hackers were able to see information before the rest of the investment community did, they would have a trading advantage.

The SEC's disclosure also follows one from Equifax, which said this month that information about millions of people was exposed. The SEC is currently investigating the Equifax breach, and news of the hack will raise questions about whether an agency that is tasked with sanctioning companies is unable to keep their own house in order.

WHO MAY BE INVOLVED

The SEC hasn't said which individuals or companies may have been affected or who might have carried out the breach. Experts say a by Chinese or Russian actors can't be ruled out.

While it discovered the breach last year, the agency says it only became aware last month that information obtained by the intruders may have been used for illegal trading profits.

Critics say the SEC isn't meeting the same security standards it demands of corporate America.

Explore further: Fed agency urging corporate cybersecurity upgrades is hacked

Related Stories

Fed agency urging corporate cybersecurity upgrades is hacked

September 21, 2017

The federal agency responsible for ensuring that markets function as they should and for protecting investors was hacked last year and the intruders may have used the nonpublic information they obtained to profit illegally.

Deloitte says 'very few' clients hit by hack

September 25, 2017

Deloitte said Monday that "very few" of the accounting and consultancy firm's clients were affected by a hack after a news report said systems of blue-chip clients had been breached.

Investors punish Equifax for massive data breach

September 8, 2017

Investors were bailing out on Equifax a day after the credit monitoring company said a data breach exposed the Social Security numbers and other personal data of 143 million Americans.

US watchdog confirms probe of huge Equifax data breach

September 14, 2017

A US consumer protection watchdog agency said Thursday it has begun an investigation into a massive data breach at credit bureau Equifax that may have leaked sensitive information on 143 million people.

Equifax says it had a security breach earlier in the year

September 19, 2017

Equifax, under pressure from a massive data breach, says it had a separate incident earlier this year. That may mean even more scrutiny as the company deals with the aftermath of a security failure that exposed the information ...

Recommended for you

Light-based production of drug-discovery molecules

February 18, 2019

Photoelectrochemical (PEC) cells are widely studied for the conversion of solar energy into chemical fuels. They use photocathodes and photoanodes to "split" water into hydrogen and oxygen respectively. PEC cells can work ...

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.