SEC Says Cybercriminals Hacked Its Files, May Have Used Secret Data For Trading

Sep 21, 2017
Originally published on September 20, 2017 10:37 pm

The Securities and Exchange Commission says cybercriminals got into the agency's files last year and accessed information that might have been used to give them a secret edge in trading.

The SEC says it had known about the intrusion in 2016 into its Edgar filing system, but learned this month that "nonpublic information" accessed may have been used for "illicit gain."

"Edgar houses millions of filings that companies are required to submit to the SEC so that they can be perused by investors," as noted by Bloomberg.

The agency says the "software vulnerability ... was patched promptly after discovery," and didn't reveal any personally identifiable information.

A statement by SEC Chairman Jay Clayton notes that potential damage done by cybercrime increases all the time, and that "a large portion of the costs ... are borne by investors, consumers and other important constituents."

Politico reports that Congress has questioned the SEC about Edgar's security:

"In May 2015, Sen. Chuck Grassley (R-Iowa) asked the SEC for information about EDGAR vulnerabilities after an apparent hoax involving Avon Products Inc.

"In October 2014, Rep. Carolyn Maloney (D-N.Y.) raised concerns after an academic study revealed that stock prices were moving about 30 seconds prior to public filings being made available on the SECs website."

Copyright 2018 NPR. To see more, visit http://www.npr.org/.