16 October 2017
Find out more

SEC says hackers may have profited from 2016 breach

21 September 2017  |  6156 views  |  0 Graph with fingers measuring

Wall Street's top regulator says that a 2016 breach at its corporate disclosure database may have enabled hackers to profit from trading on inside information.

The Securities and Exchange Commission says the infiltration of the Edgar system - which houses non-public filings on upcoming corporate earnings statements and pending mergers and acquisitions - was detected in 2016 but it only realised last month that data stolen from the database may have been used for illicit trading.

The revelations were made by SEC chairman Jay Clayton in a statement highlighting the importance of cybersecurity to the agency and market participants.

"In August 2017, the Commission learned that an incident previously detected in 2016 may have provided the basis for illicit gain through trading," says Clayton. "Specifically, a software vulnerability in the test filing component of the Commission’s Edgar system, which was patched promptly after discovery, was exploited and resulted in access to nonpublic information. It is believed the intrusion did not result in unauthorised access to personally identifiable information, jeopardise the operations of the Commission, or result in systemic risk."

The statement is part of an ongoing assessment of the SEC’s cybersecurity risk profile that Clayton initiated upon taking office in May. Components of this initiative have included the creation of a senior-level cybersecurity working group to coordinate information sharing, risk monitoring, and incident response efforts throughout the agency.

The watchdog was hauled over the coals by the US Government Accountability Office (GAO) in July, in a report which accused the agency of failing to consistently protect its network boundaries, authenticate users and encrypt sensitive information while in transmission.

“Cybersecurity is critical to the operations of our markets and the risks are significant and, in many cases, systemic,” says Clayton. “We must be vigilant. We also must recognise — in both the public and private sectors, including the SEC — that there will be intrusions, and that a key component of cyber risk management is resilience and recovery.”

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

SEC told to improve cyber attack defences

SEC told to improve cyber attack defences

28 July 2017  |  13721 views  |  0 comments | 10 tweets | 12 linkedin
US regulators set out new cybersecurity standards

US regulators set out new cybersecurity standards

19 October 2016  |  7861 views  |  0 comments | 21 tweets | 22 linkedin
SEC bills cyber threats as biggest risk to financial markets

SEC bills cyber threats as biggest risk to financial markets

18 May 2016  |  5683 views  |  0 comments | 6 tweets | 11 linkedin
US watchdog begins cybersecurity probes

US watchdog begins cybersecurity probes

25 June 2014  |  6190 views  |  0 comments | 8 tweets | 6 linkedin
Watchdog criticises SEC cybersecurity

Watchdog criticises SEC cybersecurity

22 April 2014  |  5163 views  |  0 comments | 6 tweets | 3 linkedin

Related company news


Related blogs

Create a blog about this story (membership required)
visit www.temenos.comvisit www.niceactimize.com

Top topics

Most viewed Most shared
Ripple looks to drive bank adoption with $300m XRP rebate programmeRipple looks to drive bank adoption with $...
14287 views comments | 11 tweets | 3 linkedin
Taiwan's Far Eastern International Bank suffers malware attackTaiwan's Far Eastern International Bank su...
13026 views comments | 16 tweets | 22 linkedin
Monzo fends off suitors as current account upgrade beginsMonzo fends off suitors as current account...
8927 views comments | 17 tweets | 14 linkedin
Swift positive on blockchain, but big challenges remainSwift positive on blockchain, but big chal...
7834 views comments | 15 tweets | 20 linkedin
Ripple blockchain network hits 100-member markRipple blockchain network hits 100-member...
7560 views comments | 13 tweets | 13 linkedin

Featured job

Find your next job