SEC says EDGAR hackers stole personal information

Lloyd Doyle
October 3, 2017

Jay Clayton, the Chairman of the US Securities and Exchange Commission (SEC), said on Monday that the SEC cyberattack announced by the agency last month has leaked private information of some individuals.

The agency is notifying them and will provide identity theft protection services. SEC Chairman Jay Clayton had previously said that the regulator didn't think hackers had accessed such information, which could be used for identity theft. Components of this initiative have included the creation of a senior-level cybersecurity working group to coordinate information sharing, risk monitoring, and incident response efforts throughout the agency.

In its initial statement, the SEC said no personal information had been compromised in the breach of its Edgar system that could have jeopardized trillions of dollars in wealth.

Clayton has authorized hiring more staff and consultants to strengthen cybersecurity.

The SEC will also review EDGAR, "including reviewing the types of data companies can submit to it, as well as whether that database is the appropriate mechanism for gathering that sort of information". The breach took place in 2016, but Clayton did not find out until this August.

The SEC disclosed on September 20 that hackers previous year broke into its system that allows companies to digitally upload their documents, commonly known as EDGAR.

"The ongoing staff investigation of the 2016 intrusion has now determined that an EDGAR test filing accessed by third parties as a result of that intrusion contained the names, dates of birth and social security numbers of two individuals".

"Should the agency's review uncover additional such individuals whose sensitive information may have been accessed, the staff will contact them and offer them identity protection and monitoring as well."
It said the hackers may have made money using the corporate information they stole.

News of the SEC breach came just two weeks after Equifax disclosed a hack that affected as many as 143 million people.

Other reports by Iphone Fresh

Discuss This Article