According to CoinDesk, the Securities and Exchange Commission (SEC) failed to implement basic security measures on its social media account, which was compromised to spread false bitcoin ETF news. The social media platform's Safety team completed a preliminary investigation into the SEC's false post regarding the approval of bitcoin ETF applications, which the regulator attributed to its compromised account. The investigation revealed that the compromise was not due to a breach of the platform's systems, but rather an unidentified individual gaining control over a phone number associated with the SEC's account through a third party.
This finding seemingly eliminates the possibility of an inside job or fat finger theory for the false post, which temporarily affected the price of bitcoin before SEC Chair Gary Gensler announced the post was fake. However, it raises questions about the basic security measures taken by the SEC, a powerful investment regulator in the U.S. whose statements are closely monitored and traded on. The social media platform confirmed that the SEC's account did not have two-factor authentication enabled at the time of the compromise and encouraged all users to enable this additional layer of security. An SEC spokesperson did not immediately respond to a request for comment on the statement.
