/security

News and resources on cyber and physical threats to banks and fintechs worldwide.

SEC says SIM swap attack behind X hack

The Securities and Exchange Commission says a "SIM swap" attack was to blame for the hack on its X account earlier this month.

  2 Be the first to comment

SEC says SIM swap attack behind X hack

Editorial

This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.

On 9 January the official @SECGov account was hacked and used to post spurious approval for the listing and trading of spot Bitcoin exchange-traded products.

The fake announcement - which came shortly before the SEC did give approval - briefly sent Bitcoin's price soaring.

Now the watchdog says that, working with its telecom carrier, it has determined that someone obtained control of the SEC cell phone number associated with the account in an apparent SIM swap attack.

The hacker appears to have transferred the phone number to another device without authorisation, allowing them to reset the password and control the account.

The SEC says that the hacker gained access via the telco, not the watchdog, and that there is no evidence of a breach of its systems, data, devices, or other social media accounts.

However, it admits that in July 2023 it asked X to disable multi-factor authentication on the account "due to issues accessing" it.

Sponsored [Upcoming Webinar] Next Gen Payment Processing: How banks can embrace the future

Comments: (0)

[Webinar] Reaping the benefits of Hyper-Personalisation with AI and Application ModernisationFinextra Promoted[On-Demand Webinar] Reaping the benefits of Hyper-Personalisation with AI and Application Modernisation