Senators J.D. Vance and Thom Tillis demanded explanations about the occurrence and voiced worries over the Commission’s internal cybersecurity protocols.
After the hack of the SEC’s X (formerly Twitter) account on January 9, two senators from the US have demanded that the agency disclose the incident to Congress.
Sens. J.D. Vance and Thom Tillis sent a letter to SEC Chair Gary Gensler the same day, expressing their “serious concerns” about the commission’s internal cybersecurity protocols in light of the event.
Furthermore, it was deemed “antithetical to the tripartite mission of the Commission, which is to safeguard investors, ensure equitable, systematic, and effective markets, and promote capital formation.”
Two senators, alarmed by the recent attack that caused “widespread confusion,” have asked the SEC to disclose the event to Congress in light of the newly concluded rules on cybersecurity disclosures.
A deadline of January 23 was imposed in the letter that was issued on January 9. The letter also served to remind the SEC of the need for all companies to reveal the full extent of a cybersecurity event’s effects on the company no later than four days after the issue occurred.
“Can the SEC assure Congress that it will be able to notify Congress of any cybersecurity incident involving this “compromised” social media post within four business days? When asked why, please provide an explanation if it is not clear.”
On January 9, the event took place when the X account of the SEC tweeted a bogus statement implying that spot Bitcoin ETFs had been authorized in the US. The crypto community’s elation was short-lived when Gensler disclosed that an unauthorized Twitter account had been sent out from the SEC’s X account.
Many pointed out the SEC’s lack of readiness against hacks and internet threats, as investors and markets responded unpredictablely amid the chaos. An internal investigation by X confirmed that there was no two-factor authentication on the SEC account at the time of the intrusion. X also included the following in their report:
“According to our findings, the compromise did not occur as a result of X’s systems being breached. Instead, it was caused by an unknown person gaining control of a phone number linked to the @SECGov account through an intermediary.”
Also Read: New York Times is encountering opposition in a lawsuit about ethical AI techniques from
