SEC says it was hacked, possibly resulting in illegal profits

Ivan Schwartz
September 22, 2017

SEC Chairman Jay Clayton said hackers had obtained access to nonpublic information by exploiting a vulnerability in the test filing component of the EDGAR system, which is the central repository for millions of corporate filings ranging from quarterly earnings to statements on acquisitions.

The hack to the SEC's Edgar document-filing system was disclosed late in the evening and buried far down in a statement vaguely titled "Statement on Cybersecurity".

It is not believed that any personally identifiable information or SEC operations were compromised, the agency added.

According to the SEC, the breach was discovered past year, but the possibility of illicit trading was uncovered only last month.

"Cybersecurity is critical to the operations of our markets and the risks are significant and, in many cases, systemic", Clayton said.

Ryanair is canceling thousands of flights. Are you affected?
In a statement, the airline said cancellation notices had been emailed to customers up to and including Wednesday 20 September. Ryanair said it is cancelling 40 to 50 flights a day for six weeks after "messing up" its planning of pilot holidays.

Bed Bath Beyond Releases $0.15 Dividend For The Latest Quarter
Hotchkis Wiley Limited Liability Company holds 1.19% of its portfolio in Bed Bath & Beyond Inc. (NASDAQ: BBBY ). Analysts anticipate that traders could see stock price minimum in the $26 range (lowest target price).

Trump Administration Suppresses Report That Found Refugees Benefit America
Supreme Court is scheduled to hear arguments on the administration's controversial Muslim ban . Trump, by contrast, has highlighted his goal of radically cutting refugee admissions.

The country's top Wall Street regulator says a cyberattack previous year breached its system for storing documents filed by companies, possibly allowing hackers to make illegal profits. SEC officials were unaware of the breach until August 2017 and quickly patched the security vulnerability, the agency said.

The disclosures by the SEC raise concerns about the security of the agency's Consolidated Audit Trail (CAT) project, which is "intended to provide SROs [self-regulatory organisations] and the Commission access to comprehensive data that will facilitate the efficient tracking of trading activity across USA equity and options markets".

The investigation into the SEC data hack is still in progress and the organization is working with the appropriate authorizes on the matter. "Given the cryptic release from the SEC it is impossible to know the extent of the intrusion from May 2016 until almost a year later, but one has to assume if these private files are all controlled through EDGAR they are in the zone of likely information to have been targeted and exfiltrated".

The SEC has had other issues with Edgar, including people posting phony takeover offers and other hoaxes on the system that have temporarily driven up companies' share prices. The SEC's disclosure follows the hack of Equifax Inc.'s credit-report database, which may have led to the theft of personal data on 143 million Americans.

However, hackers may have gotten their hands on nonpublic information.

Other reports by GizPress

Discuss This Article

FOLLOW OUR NEWSPAPER