The SEC’s X account was compromised on January 9, 2024, causing market fluctuations and highlighting cybersecurity concerns. The SEC is working with law enforcement to investigate.
On January 9, 2024, the financial world was briefly thrown into confusion when the U.S. Securities and Exchange Commission’s (SEC) X account (formerly Twitter) was compromised, leading to the unauthorized publication of tweets falsely claiming the SEC had approved spot Bitcoin exchange-traded funds (ETFs). This incident, which occurred shortly after 4:00 pm ET, involved an unknown party gaining access to the @SECGov account by taking control of the phone number linked to it. This breach led to the posting of one message at 4:11 pm ET announcing the Commission’s supposed approval of spot bitcoin ETFs, followed by another post merely stating “$BTC” and the liking of two unrelated posts.
The SEC swiftly responded to the breach, with staff from the Office of Public Affairs alerting the public via Chair Gary Gensler’s official X account that the @SECGov account had been compromised and that the posts were unauthorized. This response was part of a broader effort to manage the situation, which also included contacting X for assistance in regaining control of the account. The unauthorized access was reported to have been terminated within about an hour after it was gained, between 4:40 pm and 5:30 pm ET.
The false tweets briefly influenced the cryptocurrency market, notably causing a spike in Bitcoin’s price. This incident underscored the significant impact social media can have on financial markets and raised concerns about the security of official regulatory accounts on such platforms. It also highlighted the ongoing challenges in cybersecurity and the importance of robust security measures, such as two-factor authentication, which was reportedly not enabled for the SEC’s X account at the time of the incident.
The SEC has since reaffirmed its commitment to cybersecurity, emphasizing the continuous assessment of the incident’s impact on investors and the marketplace, and the exploration of additional remedial measures. The regulatory body is coordinating with law enforcement and federal oversight entities to investigate the breach and determine the appropriate next steps, aiming to prevent such incidents in the future and maintain the integrity of its communications.
This event also serves as a reminder that the SEC does not use social media to make official actions public; rather, it uses these platforms to amplify announcements made on its website. As such, investors and the public are encouraged to rely on the SEC’s official website for accurate and authoritative information regarding its actions and decisions.
The breach of the SEC’s X account brings to light the broader implications of cybersecurity in the digital age, particularly concerning the security of social media accounts belonging to high-profile governmental agencies. It underscores the need for heightened vigilance and advanced security protocols to safeguard against unauthorized access and prevent the spread of misinformation, which can have wide-ranging consequences for financial markets and investor trust.
Image source: Shutterstock