SEC Victim of SIM Swap Attack
The U.S. Securities and Exchange Commission (SEC) has revealed that its @SECGov social media account was compromised in a SIM swap attack. On January 9, the unauthorized party gained control of the SEC’s phone number associated with the account and posted a false message claiming that the agency had approved spot bitcoin exchange-traded funds (ETFs).
Unauthorized Access and Reset Password
Two days after the incident, the SEC confirmed that the unauthorized party obtained control of the SEC’s phone number through a SIM swap attack. With control of the phone number, the unauthorized party was able to reset the password for the @SECGov account. However, there is no evidence that the party gained access to SEC systems, data, devices, or other social media accounts.
Multi-Factor Authentication (MFA) Disabled
While multi-factor authentication (MFA) was previously enabled on the @SECGov account, it was disabled in July 2023 due to accessing issues. MFA was only re-enabled after the account was compromised. Currently, MFA is enabled for all SEC social media accounts that offer it.
Coordination with Law Enforcement
The SEC is working closely with various law enforcement and federal oversight entities, including the FBI, DHS, CFTC, DOJ, and the SEC’s own Division of Enforcement. The investigation aims to determine how the unauthorized party convinced the carrier to change the SIM for the account and how they knew which phone number was associated with the account.
Prevalence of SIM Swap Attacks
SIM swap attacks are increasingly targeting cryptocurrency investors, with notable victims including Ethereum co-founder Vitalik Buterin. It is crucial for crypto users to take measures to protect themselves from these attacks. Our guide provides tips on how to prevent SIM swap attacks.
Hot Take: SEC Falls Victim to SIM Swap Attack
The recent SIM swap attack on the U.S. Securities and Exchange Commission’s social media account highlights the growing threat faced by crypto investors. This incident demonstrates that even regulatory bodies are not immune to such attacks. It is a reminder for the entire crypto community to remain vigilant and take steps to protect their digital assets and personal information. The SEC’s coordination with law enforcement agencies and its commitment to investigate the attack thoroughly demonstrate the seriousness of this issue. As SIM swap attacks continue to target individuals in the crypto space, it is essential for everyone to educate themselves about this threat and implement the necessary security measures.
By
By
By
By
By