🚨 BREAKING NEWS🚨
The US Securities and Exchange Commission (SEC) has been hit by a major security breach! 😱
According to Blockworks, the SEC's official X account had its two-factor authentication disabled since July 2023, leaving it vulnerable.
Recently, an unauthorized person exploited this security gap, posting fake news on the compromised account about the approval of spot bitcoin ETFs.
The fake post remained up for 15 minutes before SEC Chair Gary Gensler confirmed the breach.
In a shocking revelation, the SEC disclosed that X support had disabled multi-factor authentication due to difficulties accessing the account.
Multi-factor authentication remained off until staff re-enabled it after the January 9 breach.
The SEC assures everyone that multi-factor authentication is now back on for all SEC social media accounts offering it.
The hacker executed the breach through a SIM swap, transferring the phone number to another device without authorization.
SEC clarified that the phone number access happened via the telecom carrier, not through SEC systems.
There's no evidence suggesting the unauthorized party accessed SEC systems, data, devices, or other social media accounts.
SEC is collaborating with the FBI, Homeland Security, the DOJ, and its Division of Enforcement to track down the attacker.
Law enforcement is investigating how the unauthorized party convinced the carrier to change the SIM and how they knew the phone number linked to the account.
Stay tuned for updates on this developing story!
