SEC Chairman Confirms Compromise of Personal Information in 2016 Hack

Security Vulnerability

The United States Securities and Exchange Commission chairman Jay Clayton said that the personal information of at least two people was compromised in a recently disclosed breach of the authority’s corporate filing system.

In a statement on Monday, SEC chairman Jay Clayton revealed that unauthorized third particles accessed several details of two individuals as a result of the cyberattack in September 2016.

“The ongoing staff investigation of the 2016 intrusion has now determined that an EDGAR test filing accessed by third parties as a result of that intrusion contained the names, dates of birth and social security numbers of two individuals,” read an excerpt from the statement.

The agency has reached out to the two individuals to notify them of the breach before providing additional monitoring and identity theft protection services.

Chairman Clayton added:

The 2016 intrusion and its ramifications concern me deeply. I am focused on getting to the bottom of the matter and, importantly, lifting our cybersecurity efforts moving forward.

The EDGAR filing system is a database of information that all publicly traded companies have to file with federal regulators including company earnings, mergers and acquisitions, and share dealings of executives. It was a software flaw that allowed hackers to access the data in a system that handles trillions of dollars in wealth. Investors typically have to access over 50 million pages of documents through a system that processes over 1.7 million filings each year.

“Chairman Clayton has pledged to keep Congress informed of the ultimate findings and conclusions of the agency’s internal review into the 2016 intrusion,” the SEC’s announcement further added.

As such, the SEC will also carry out an investigation to look into any illegal trading as a result of the hack, a complete review of all agency systems and will also look into possibly upgrading its corporate filing system. To strengthen its cybersecurity posture, Chairman Clayton has also authorized the hiring of more staff and consultants.

Image credit: Flickr.