The US Securities and Exchange Commission (SEC) has announced the details behind the incident in which the market regulator’s account on social media platform X was accessed by an unauthorized individual and a false message was published.
On January 9, the fake message stated that the SEC had approved all Bitcoin (BTC) exchange-traded fund (ETF) applications.
Minutes later, the committee’s chairman, Gary Gensler, revealed that a hacker had hacked into the market regulator’s X account and published the fake message.
According to the SEC, a hacker took control of the market regulator’s the hacker gets full administrative rights.
“Access to the telephone number was via the telecom provider, not via SEC systems. SEC personnel have not found any evidence that the unauthorized party gained access to SEC systems, data, devices or other social media accounts.”
The SEC says the hacker changed the password to the SEC’s X account after hijacking the phone number associated with the account.
“Law enforcement is currently investigating, among other things, how the unauthorized party caused the carrier to change the SIM card for the account and how the party knew which phone number was associated with the account.”
The SEC says its X account’s multi-factor authentication (MFA) option was disabled at the time of the incident, but is now enabled for all Commission social media accounts. Multi-factor authentication is generally considered more secure because users are required to provide at least two pieces of evidence to log in or access a website or application.
Don’t miss a beat – Subscribe to receive email alerts straight to your inbox
Check price action
follow us on TweetFacebook and Telegram
Surf to the Daily Hodl mix
Generated image: Midjourney