The SEC’s X account was compromised on January 9, 2024, causing market volatility and highlighting cybersecurity concerns. The SEC is working with law enforcement to investigate.
On January 9, 2024, the financial world was briefly thrown into confusion when the US Securities and Exchange Commission (SEC) X account (formerly Twitter) was compromised, leading to the unauthorized posting of tweets that claimed that the SEC has approved spot exchanges for bitcoin exchange-traded funds (ETFs). This incident, which occurred shortly after 4:00 PM ET, involved an unknown party gaining access to the @SECGov account by taking control of the phone number associated with it. This breach resulted in a single posting at 4:11 PM ET announcing the Commission’s purported approval of a spot bitcoin ETF, followed by another posting that simply stated “$BTC” and liking two unrelated posts.
The SEC responded quickly to the breach, with Office of Public Affairs staff alerting the public via Chairman Gary Gensler’s official X account that the @SECGov account had been compromised and that the posts were unauthorized. This response was part of a broader effort to manage the situation, which also included contacting X for assistance in regaining control of the account. The hack was reported to have been stopped within about an hour of receiving it, between 4:40 PM and 5:30 PM ET.
The fake tweets briefly affected the cryptocurrency market, notably causing a spike in the price of Bitcoin. This incident highlighted the significant impact that social media can have on financial markets and raised concerns about the security of official regulatory accounts on such platforms. He also highlighted ongoing cybersecurity challenges and the importance of robust security measures, such as two-factor authentication, which was reportedly not enabled for X’s SEC account at the time of the incident
Since then, the SEC has reaffirmed its commitment to cybersecurity, emphasizing continuous assessment of the incident’s impact on investors and the market and exploring additional remedial measures. The regulator is coordinating with law enforcement and federal regulators to investigate the breach and determine appropriate next steps to prevent similar incidents in the future and maintain the integrity of its communications.
This event also serves as a reminder that the SEC does not use social media to make official actions public; rather, it uses these platforms to amplify the messages made on its website. As such, investors and the public are encouraged to rely on the SEC’s official website for accurate and reliable information regarding its actions and decisions.
The SEC X account breach brings to light the broader implications of cybersecurity in the digital age, particularly regarding the security of social media accounts belonging to high-level government agencies. It highlights the need for increased vigilance and advanced security protocols to protect against unauthorized access and prevent the spread of disinformation, which could have far-reaching consequences for financial markets and investor confidence.
Image source: Shutterstock