The U.S. Securities and Exchange Commission (SEC) was hacked in 2016 and officials believe that the breach could have resulted in illicit trades. Hackers are reported to have breached the SEC’s Edgar system where non-public information was accessed to manipulate trades.
The Edgar system has a vast amount of confidential information concerning mergers, acquisitions and disclosures about corporate earnings. SEC Chairman Jay Clayton announced the Edgar breach on September 20 and since then has been put under a lot of pressure from numerous parties who want the Chairman to fully disclose to the Senate additional information.
Clayton stated that he had informed the U.S. Computer Emergency Readiness Team at the Department of Homeland Security not long after the breach occurred in 2016 and also commissioned an internal review. The SEC has come under a lot of pressure in recent times for not doing enough to combat the growing number of security breaches.
CBS New York
Chairman Clayton did his best to assure the Senate that personal identification info wasn’t accessed during the breach and said that the SEC has taken a number of steps since the hack to tighten its security. The software defect that the hackers used to breach the system has been plugged and a new Cyber Unit has been started within the Enforcement Division. The SEC has is also looking to start a ‘retail strategy task force’ that will look to protect investors from being exposed to hacks that can cause extensive misconduct.
The SEC stated that the Cyber Unit will look to study market manipulation schemes where hackers release false information via the internet to hurt a company’s image and breaches into non-public information that leads to intrusions and market manipulation of retail brokerage accounts.
Two weeks before Chairman Clayton announced the breach at the SEC, Equifax Inc announced that its system had been hacked and it was possible that financial and confidential information on 143 million Americans had been compromised. The string of attacks on firms which have access to personal and financial information has continued to increase over the years.
In a statement, Chairman Clayton said
We are continuing to examine whether public companies are taking appropriate action to inform investors, including after a breach has occurred, and we will investigate issuers that mislead investors about material cybersecurity risks or data breaches. I would like to see more and better disclosure in this area