SEC says it was hacked, possibly resulting in illegal profits

Ivan Schwartz
September 22, 2017

SEC Chairman Jay Clayton said hackers had obtained access to nonpublic information by exploiting a vulnerability in the test filing component of the EDGAR system, which is the central repository for millions of corporate filings ranging from quarterly earnings to statements on acquisitions.

The hack to the SEC's Edgar document-filing system was disclosed late in the evening and buried far down in a statement vaguely titled "Statement on Cybersecurity".

It is not believed that any personally identifiable information or SEC operations were compromised, the agency added.

According to the SEC, the breach was discovered past year, but the possibility of illicit trading was uncovered only last month.

"Cybersecurity is critical to the operations of our markets and the risks are significant and, in many cases, systemic", Clayton said.

OECD upgrades eurozone and China growth forecasts; United Kingdom and USA unchanged
Canada is set to log the fastest growth among advanced economies this year with the country's projection raised to 3.2% from 3%. That compared with an earlier outlook for growth of 1.8 per cent in 2017 and 1.8 per cent in 2018.

Bed Bath Beyond Releases $0.15 Dividend For The Latest Quarter
Hotchkis Wiley Limited Liability Company holds 1.19% of its portfolio in Bed Bath & Beyond Inc. (NASDAQ: BBBY ). Analysts anticipate that traders could see stock price minimum in the $26 range (lowest target price).

Harry Winks: 'Wembley Stadium atmosphere not the same as White Hart Lane'
I don't know how long [it will take to reach my best]. "But the fans are always excellent and for us they were brilliant in getting us over the line".

The country's top Wall Street regulator says a cyberattack previous year breached its system for storing documents filed by companies, possibly allowing hackers to make illegal profits. SEC officials were unaware of the breach until August 2017 and quickly patched the security vulnerability, the agency said.

The disclosures by the SEC raise concerns about the security of the agency's Consolidated Audit Trail (CAT) project, which is "intended to provide SROs [self-regulatory organisations] and the Commission access to comprehensive data that will facilitate the efficient tracking of trading activity across USA equity and options markets".

The investigation into the SEC data hack is still in progress and the organization is working with the appropriate authorizes on the matter. "Given the cryptic release from the SEC it is impossible to know the extent of the intrusion from May 2016 until almost a year later, but one has to assume if these private files are all controlled through EDGAR they are in the zone of likely information to have been targeted and exfiltrated".

The SEC has had other issues with Edgar, including people posting phony takeover offers and other hoaxes on the system that have temporarily driven up companies' share prices. The SEC's disclosure follows the hack of Equifax Inc.'s credit-report database, which may have led to the theft of personal data on 143 million Americans.

However, hackers may have gotten their hands on nonpublic information.

Other reports by GizPress

Discuss This Article

FOLLOW OUR NEWSPAPER