the U.S. Securities and Exchange Commission (SEC) fell victim to a cybersecurity breach as an unauthorized party gained access to its official Twitter account, @SECGov, on Tuesday, January 9, 2024. The breach occurred shortly after 4:00 pm ET and was promptly addressed by SEC staff.
According to the SEC’s press release issued on January 12, the unauthorized party gained control over the @SECGov X.com account by manipulating the associated phone number. Subsequently, at 4:11 pm ET, the hacker made a false announcement on the approval of spot bitcoin exchange-traded funds. Moments later, a second post simply stating “$BTC” was made, though it was deleted shortly afterward. The SEC confirmed that there is no current evidence indicating the unauthorized party accessed SEC systems, data, devices, or other social media accounts.
Upon discovering the breach, the SEC’s Office of Public Affairs took immediate action. At 4:26 pm ET, a post alerting the public to the compromise and the false approval announcement was made on SEC Chair Gary Gensler’s official X.com account. Simultaneously, the first unauthorized post on @SECGov was deleted, and two liked posts from non-SEC accounts were un-liked. By 4:42 pm ET, a new post on @SECGov acknowledged the account’s compromise.
The fake tweet affected Cryptocurrency market and inflicted substantial losses on investors.
Firstly, the unauthorized access to the @SECGov X account resulted in false claims about the approval of Bitcoin ETFs. This misinformation triggered a surge in Bitcoin prices, adversely impacting those who had utilized options to short Bitcoin.
Efforts to terminate the unauthorized access were swiftly initiated, with the SEC reaching out to X.com for assistance. Based on the information available, the breach was successfully terminated between 4:40 pm ET and 5:30 pm ET.
According to the statement, The SEC staff is collaborating with law enforcement and federal oversight entities, including the SEC’s Office of Inspector General, the Federal Bureau of Investigation, and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. Updates on the incident will be provided as the investigations progress.