Particle.news
Download on the App Store
16 ARTICLES
·
last yr.

SEC's X Account Compromised in SIM Swap Attack

Agency had disabled multi-factor authentication, leaving account vulnerable to hackers

Overview

  • The US Securities and Exchange Commission (SEC) has confirmed that its X account was compromised in a 'SIM swap' attack, where a phone number is transferred to another device without authorization.
  • The SEC had disabled multi-factor authentication (MFA) on its X account since July 2023 due to access issues, leaving it vulnerable to the attack.
  • The unauthorized party was able to post a false announcement about the approval of spot bitcoin ETFs, causing a brief spike in bitcoin prices.
  • The SEC is working with multiple law enforcement agencies, including the FBI and the Department of Homeland Security, to investigate the incident and track down the attacker.
  • Lawmakers and cybersecurity experts have criticized the SEC for its lack of adequate security measures, particularly given its role in regulating financial markets and its previous guidance on cybersecurity practices.