SEC Twitter gets hacked, Posts False Bitcoin ETF Approval

• The SEC is investigating unauthorised access that led to a false post on social media, falsely claiming the approval of spot Bitcoin ETFs.
• The SEC has terminated the unauthorised access and will collaborate with law enforcement to investigate the incident and related misconduct.
• Senators Bill Hagerty and Cynthia Lummis voiced concerns about market manipulation due to fraudulent announcements.

The U.S. Securities and Exchange Commission (SEC) has announced an investigation into unauthorised access that led to a false post regarding the approval of spot Bitcoin ETFs.

The SEC confirmed that this unauthorised access has been terminated and that it will collaborate with law enforcement agencies to investigate the incident and any associated misconduct.

Read in detail: Who’s gonna protect SEC? 🪖

Two U.S. Senators, J.D. Vance and Thom Tillis, have called upon the United States SEC to furnish Congress with a report regarding the breach of its X (formerly Twitter) account on January 9.

In a letter addressed to SEC Chair Gary Gensler, the senators expressed “serious concerns” about the SEC’s internal cybersecurity protocols, deeming the incident “antithetical” to the SEC’s mission of safeguarding investors, maintaining market integrity, and facilitating capital formation.

Citing the “widespread confusion” that ensued from the hack, the senators referred to a recently finalised rulemaking concerning cybersecurity disclosures and requested that the SEC deliver a report to Congress on the incident by January 23.

They also drew attention to the mandate requiring businesses to disclose any business impacts within four days of a cybersecurity incident, posing the question of whether the SEC could comply with this requirement in the case of a cybersecurity attack.

The breach occurred on January 9 when the SEC’s X account erroneously tweeted that spot Bitcoin exchange-traded funds (ETFs) had been approved in the United States. Subsequently, SEC Chair Gary Gensler confirmed that the SEC’s X account had been compromised and that the tweet was unauthorised.

An internal investigation by X revealed that the SEC account lacked two-factor authentication and attributed the compromise to an unidentified individual gaining control of a phone number associated with the @SECGov account through a third party.

Several government officials, including Senators Cynthia Lummis and Bill Hagerty and Representative Ann Wagner, have expressed concerns about the incident, with Hagerty demanding full disclosure and Lummis emphasizing the market manipulation risks associated with fraudulent announcements and seeking clarity on such incidents.