Latest in Gear

Image credit:

SEC suspects hackers used stolen insider info for trading

The attackers infiltrated SEC's EDGAR database last year.
Mariella Moon, @mariella_moon
September 21, 2017
Share
Tweet
Share

Sponsored Links

Bloomberg via Getty Images

US Securities and Exchange Commission chief Jay Clayton has made a couple of security-related revelations in his recently published "Statement on Cybersecurity." He admitted that an attacker infiltrated the agency's EDGAR database in 2016 by exploiting a software vulnerability to gain access to non-public info. SEC patched the flaw as soon as it was discovered, but it found out just last month that the attackers may have used the insider information they stole to profit from financial trades.

See, EDGAR is an automated system that processes forms and other paperwork submitted by companies. Since SEC's role is to protect and regulate the country's stock and options exchanges, the documents it processes typically contain sensitive info that an unscrupulous individual can profit from. Clayton says authorities are still investigating the issue, but the commission believes the hackers didn't gain unauthorized access to personally identifiable information or anything that can jeopardize its operations.

As Reuters said, the event shines a spotlight on SEC's shortcomings when it comes to security. In July, the Government Accountability Office published a report revealing that SEC doesn't always fully encrypt sensitive info and uses unsupported software. It also hasn't fully implemented a system to detect intruders and doesn't always configure its firewalls properly, which are definitely a cause for concern, since Clayton made cybersecurity his priority. Nevertheless, Clayton reiterated in his statement, that he aims to "promote effective cybersecurity practices within the Commission itself and with respect to the markets and market participants it oversees."

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

Apple shuffles hardware execs to make room for a mysterious new project

Apple shuffles hardware execs to make room for a mysterious new project

View
A personal trainer app guilt-tripped me into exercising (and it worked)

A personal trainer app guilt-tripped me into exercising (and it worked)

View
Polk Audio claims React is the 'most advanced Alexa-enabled soundbar'

Polk Audio claims React is the 'most advanced Alexa-enabled soundbar'

View
Google reveals North Korean-backed campaign targeting security researchers

Google reveals North Korean-backed campaign targeting security researchers

View
Scientists find a cloudless 'hot Jupiter' exoplanet with a four-day year

Scientists find a cloudless 'hot Jupiter' exoplanet with a four-day year

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr