US Senators call for probe into SEC X account hacking


San Francisco, Jan 13 (IANS): US Senator Ron Wyden, Chairman of the Senate Finance Committee, and Senator Cynthia Lummis, a member of the Senate Banking Committee, have called for an investigation into the hacking of US Securities and Exchange Commission's (SEC) account on X.

The SEC saw its X account hacked for a brief time earlier this week, with a post claiming it has approved listings for Bitcoin exchange-traded funds (ETFs).

The Commission, however, later approved a number of spot Bitcoin exchange-traded product (ETP) shares.

In a letter shared with Axios, Wyden has now called to open a probe into the agency's "apparent failure to follow cybersecurity best practices."

The SEC had said that an unauthorised party had hacked its account on X.

Elon Musk-run X later revealed that the SEC's account did not have multi-factor authentication (MFA) activated at the time of the hacking.

“Not only should the agency have enabled MFA, but it should have secured its accounts with phishing-resistant hardware tokens, commonly known as security keys, which are the gold standard for account cybersecurity," Wyden and Lummis wrote in the letter.

"X has permitted users to restrict access to their accounts exclusively using security keys and to remove phone numbers, which can be easily hijacked by fraudsters, since 2021," they added.

The Senators asked the SEC's inspector general to open an investigation and provide an update to Congress by February 12.

Meanwhile, Senators JD Vance (R-Ohio) and Thom Tillis (R-NC) have also sent a letter to the SEC, seeking answers into the hacking.

 

  

Top Stories


Leave a Comment

Title: US Senators call for probe into SEC X account hacking



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.