The SEC’s Multi-Factor Authentication Was Disabled
On Monday, the U.S. Securities and Exchange Commission (SEC) announced that multi-factor authentication (MFA) was deactivated, which led to the publication of a fake post concerning the approval of spot Bitcoin exchange-traded funds (ETFs).
The SEC stated that MFA had been turned off in July 2023 due to problems accessing the account. It remained deactivated until January 9 when the account was comprised.
Shift The Blame For The Hack
In response to the account compromise, the SEC passed the blame, saying it was due to someone gaining control over a phone number associated with the account. Both the SEC and the platform confirmed that the breach was a result of a “SIM swap” attack.
SEC Criticized By The Crypto Community
The publication of the fake post led to criticism of the SEC from the crypto community, with many questioning the regulator’s ability to handle such events. After the tweet was issued, SEC Chair Gary Gensler denied the news a day later.
Hot Take
Given that the platform and the SEC confirmed the breach stemmed from a “SIM swap” attack, the event raises concerns about the security measures in place to protect sensitive financial information.
By
By
By
By
By