SEC Cyberattack Update: Insights from Chair Gary Gensler

Gary Gensler, Chair of the U.S Securities and Exchange Commission, provided an update on the cyberattack investigation targeting the agency's Twitter account in a statement released on Friday. This update follows the false tweet posted three days prior on the SEC's official Twitter account, claiming that all Bitcoin ETFs under review had been approved. The cryptocurrency community eagerly awaited official news on the ETFs, making the timing of the false announcement particularly impactful. In response to the incident, Gensler confirmed that the SEC's account had been compromised, leading to unauthorized posts and actions on the platform.

Key Points from Gensler's Statement:

• An unauthorized party made two false posts from the SEC's Twitter account, claiming approval of spot bitcoin exchange traded funds.
• The unauthorized party also liked two posts by non-SEC accounts using the compromised account.
• The SEC is currently assessing the full extent of the incident but has found no evidence of unauthorized access to other SEC systems, data, or social media accounts.
• SEC staff promptly deleted the false post and unliked the unauthorized likes, issuing a clarification tweet within thirty minutes of the compromise.
• By 5:30 pm ET, the hackers were removed from the account, and their unauthorized access was terminated.
• Twitter confirmed the incident on Wednesday but stated that it was not due to a breach of their platform. The hack was attributed to an individual gaining control of a phone number associated with the SECGov account through a third party.

Gary Gensler emphasized the SEC's commitment to cybersecurity and ongoing efforts to assess the impacts of the incident on the agency, investors, and the broader marketplace. The swift response by SEC staff to address the unauthorized activity on the Twitter account highlights the importance of proactive security measures in an increasingly digital landscape.