Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED ABOUT A MINUTE AGO.
You are here: Home / Data Security / SEC Reveals 2016 Filing Data Breach
SEC Reveals 2016 Hack that Breached Its Filing System
SEC Reveals 2016 Hack that Breached Its Filing System
By Amir Bibawy Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
SEPTEMBER
21
2017
The Securities and Exchange Commission said Wednesday that a cyber breach of a filing system it uses may have provided the basis for some illegal trading in 2016.

In a statement posted on the SEC's website, Chairman Jay Clayton said a review of the agency's cybersecurity risk profile determined that the previously detected "incident" was caused by "a software vulnerability" in its EDGAR filing system.

The statement said the software was patched quickly after the hack was uncovered in 2016, although the possibility that some may have used it to make illegal profits was only discovered last month.

The SEC revelation comes as Americans continue to grapple with the repercussions of a massive, months-long hack of Equifax, a credit reporting agency, which exposed highly sensitive personal information of 143 million people.

The SEC chairman said this breach did not result in exposing personally identifiable information.

The SEC files financial market disclosure documents through its EDGAR system, which processes over 1.7 million electronic filings in any given year according to the agency's 4,000-word statement.

Clayton's statement also mentioned that a 2014 internal review was unable to locate some agency laptops that may have contained confidential information.

The agency also discovered instances in which its personnel used private, unsecured email accounts to transmit confidential information.

The SEC is continuing to investigate the breach and its possible consequences and coordinating with the "appropriate authorities," according to the statement.

Clayton ordered a review of the SEC's cybersecurity profile in May 2017, which led to the discovery of the possible illegal trading. The statement did not explain why the hack itself was not revealed when it was discovered last year.

© 2017 Associated Press under contract with NewsEdge/Acquire Media. All rights reserved.

Image credit: iStock/Artist's concept.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN DATA SECURITY
ENTERPRISE SECURITY TODAY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.