edgar
Latest
SEC knew about weak security years before hack
The hack that compromised the US Securities and Exchange Commission was a shock and more than a little damaging, but could it have been prevented? Unfortunately the answer is very likely yes. The Hill has combed through the SEC's internal evaluations, and it's now clear that the Commission had been warned about digital security issues for years. An inspector general audit warned about "weaknesses" in the SEC's security measures back in 2013, and multiple warnings appear to have sometimes fallen on deaf ears. A June 2016 inspector general report said the SEC hadn't "fully addressed" some problems from previous audits, and was at "increased risk" of intruders taking sensitive data.
SEC suspects hackers used stolen insider info for trading
US Securities and Exchange Commission chief Jay Clayton has made a couple of security-related revelations in his recently published "Statement on Cybersecurity." He admitted that an attacker infiltrated the agency's EDGAR database in 2016 by exploiting a software vulnerability to gain access to non-public info. SEC patched the flaw as soon as it was discovered, but it found out just last month that the attackers may have used the insider information they stole to profit from financial trades.
