16 July 2018
Visit www.gemalto.com

SEC data breach: hackers accessed personal information

02 October 2017  |  6210 views  |  0 safelock

The Securities and Exchange Commission says that crooks may have accessed the personal information of two people during the 2016 breach at its Edgar corporate disclosure database.

In an update on the breach, first disclosed last month, SEC chairman Jay Clayton says that a test filing accessed by the hackers contained the names, dates of birth and social security numbers of the two unnamed people, who have been informed and offered ID theft protection.

On 20 September, Clayton revealed that the infiltration of the Edgar system - which houses non-public filings on upcoming corporate earnings statements and pending mergers and acquisitions - was detected in 2016 but that the watchdog only realised in August that data stolen may have been used for illicit trading.

In his update today, the chairman says: "The 2016 intrusion and its ramifications concern me deeply. I am focused on getting to the bottom of the matter and, importantly, lifting our cybersecurity efforts moving forward."

A review of the intrusion is being carried out by the Office of Inspector General, while the Division of Enforcement is looking into any potential illicit trading. Meanwhile, the SEC says that it is increasing resources for modernisation of Edgar, bringing in outside consultants and increasing the focus on cyber security.

"Chairman Clayton has authorised the immediate hiring of additional staff and outside technology consultants to aid in the agency’s efforts to protect the security of its network, systems and data," says the regulator.

Clayton initiated an assessment of the SEC's cybersecurity risk profile upon taking office in May. Components of this initiative have included the creation of a senior-level cybersecurity working group to coordinate information sharing, risk monitoring, and incident response efforts throughout the agency.

The watchdog was hauled over the coals by the US Government Accountability Office (GAO) in July, in a report which accused the agency of failing to consistently protect its network boundaries, authenticate users and encrypt sensitive information while in transmission.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

SEC says hackers may have profited from 2016 breach

SEC says hackers may have profited from 2016 breach

21 September 2017  |  6720 views  |  0 comments | 3 tweets | 8 linkedin
SEC told to improve cyber attack defences

SEC told to improve cyber attack defences

28 July 2017  |  14458 views  |  0 comments | 10 tweets | 12 linkedin

Related company news

 

Related blogs

Create a blog about this story (membership required)
Visit http://go.jumio.com/finextraAdVisit www.aciworldwide.comVisit info.nice.com

Top topics

Most viewed Most shared
Flux ready for take-off on Barclays Launchpad; scores trial with Costa CoffeeFlux ready for take-off on Barclays Launch...
10537 views comments | 4 tweets | 9 linkedin
Handelsbanken trials micro contactless cardsHandelsbanken trials micro contactless car...
9535 views comments | 18 tweets | 30 linkedin
PayPal ready to spend $3bn a year on acquisitionsPayPal ready to spend $3bn a year on acqui...
8091 views comments | 13 tweets | 17 linkedin
Championing financial inclusion and helping the UnstoppablesChampioning financial inclusion and helpin...
8031 views comments | 3 tweets | 1 linkedin
No greater change will occur than that in financial servicesNo greater change will occur than that in...
7638 views comments | 7 tweets | 13 linkedin

Featured job

Find your next job