SEC Reveals Details of X Account Hack
The U.S. Securities and Exchange Commission (SEC) has provided information about the recent incident where an unauthorized individual accessed the regulator’s account on the social media platform X and posted a false message. On January 9th, a message was published claiming that the SEC had approved all spot Bitcoin exchange-traded fund (ETF) applications. The commission’s chair, Gary Gensler, later confirmed that a hacker had compromised the SEC’s X account and posted the false announcement.
Hacker Used SIM Swap Technique
According to the SEC, the hacker gained control of the regulator’s X account by employing a SIM swapping technique. This involves changing the phone number associated with an account to one controlled by the hacker, granting them full administrative rights. The SEC clarifies that access to the phone number occurred via the telecom carrier and not through its own systems. There is no evidence suggesting that the unauthorized party accessed SEC systems, data, devices, or other social media accounts.
MFA Option Disabled at Time of Incident
The SEC explains that after hijacking the phone number linked to the account, the hacker changed the password for the SEC’s X account. It is currently under investigation how the unauthorized party convinced the carrier to change the SIM and how they knew which phone number was associated with the account. The SEC also reveals that at the time of the incident, its X account’s multi-factor authentication (MFA) option was disabled. However, MFA is now enabled for all of its social media accounts to enhance security.
Hot Take: SEC Takes Action to Strengthen Account Security
The recent hack on the SEC’s X account highlights vulnerabilities in social media platforms’ security measures. By using a SIM swapping technique, hackers can gain unauthorized access to accounts and publish false information. In response, the SEC has taken steps to strengthen its account security by enabling multi-factor authentication (MFA) for all its social media accounts. This additional layer of security helps protect against unauthorized access and reduces the risk of future incidents. It serves as a reminder for individuals and organizations to prioritize strong security measures, such as MFA, to safeguard their online presence.
Daisy Hodley emerges as a luminary blending the roles of crypto analyst, devoted researcher, and editorial virtuoso into a harmonious symphony. In the realm of digital currencies, Daisy’s insights resonate with an exquisite resonance across a diverse spectrum of minds. Her adeptness in decoding intricate threads of crypto complexities seamlessly intertwines with her editorial finesse, translating intricacy into a captivating melody of understanding.