28 May 2018
visit www.ebaday.com

SEC says hackers may have profited from 2016 breach

21 September 2017  |  6673 views  |  0 Graph with fingers measuring

Wall Street's top regulator says that a 2016 breach at its corporate disclosure database may have enabled hackers to profit from trading on inside information.

The Securities and Exchange Commission says the infiltration of the Edgar system - which houses non-public filings on upcoming corporate earnings statements and pending mergers and acquisitions - was detected in 2016 but it only realised last month that data stolen from the database may have been used for illicit trading.

The revelations were made by SEC chairman Jay Clayton in a statement highlighting the importance of cybersecurity to the agency and market participants.

"In August 2017, the Commission learned that an incident previously detected in 2016 may have provided the basis for illicit gain through trading," says Clayton. "Specifically, a software vulnerability in the test filing component of the Commission’s Edgar system, which was patched promptly after discovery, was exploited and resulted in access to nonpublic information. It is believed the intrusion did not result in unauthorised access to personally identifiable information, jeopardise the operations of the Commission, or result in systemic risk."

The statement is part of an ongoing assessment of the SEC’s cybersecurity risk profile that Clayton initiated upon taking office in May. Components of this initiative have included the creation of a senior-level cybersecurity working group to coordinate information sharing, risk monitoring, and incident response efforts throughout the agency.

The watchdog was hauled over the coals by the US Government Accountability Office (GAO) in July, in a report which accused the agency of failing to consistently protect its network boundaries, authenticate users and encrypt sensitive information while in transmission.

“Cybersecurity is critical to the operations of our markets and the risks are significant and, in many cases, systemic,” says Clayton. “We must be vigilant. We also must recognise — in both the public and private sectors, including the SEC — that there will be intrusions, and that a key component of cyber risk management is resilience and recovery.”

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

SEC told to improve cyber attack defences

SEC told to improve cyber attack defences

28 July 2017  |  14370 views  |  0 comments | 10 tweets | 12 linkedin
US regulators set out new cybersecurity standards

US regulators set out new cybersecurity standards

19 October 2016  |  8277 views  |  0 comments | 21 tweets | 22 linkedin
SEC bills cyber threats as biggest risk to financial markets

SEC bills cyber threats as biggest risk to financial markets

18 May 2016  |  6060 views  |  0 comments | 6 tweets | 11 linkedin
US watchdog begins cybersecurity probes

US watchdog begins cybersecurity probes

25 June 2014  |  6421 views  |  0 comments | 8 tweets | 6 linkedin
Watchdog criticises SEC cybersecurity

Watchdog criticises SEC cybersecurity

22 April 2014  |  5320 views  |  0 comments | 6 tweets | 3 linkedin

Related company news


Related blogs

Create a blog about this story (membership required)
visit www.ebaday.comVisit response.ncr.comVisit iliad-solutions.com/

Who is commenting?

Top topics

Most viewed Most shared
satelliteAnt Financial provides tech for China Ever...
37075 views comments | 3 tweets | 2 linkedin
Digital banking transformation creating new systemic risksDigital banking transformation creating ne...
9352 views comments | 18 tweets | 26 linkedin
ING opens developer portalING opens developer portal
7954 views comments | 18 tweets | 23 linkedin
MUFG to roll out blockchain payment network next yearMUFG to roll out blockchain payment networ...
7940 views comments | 13 tweets | 13 linkedin
PayPal and Google bind payment railsPayPal and Google bind payment rails
7614 views comments | 11 tweets | 17 linkedin

Featured job

Package guide £250-300K

Find your next job