SEC’s EDGAR system hacked for ‘trading gains’

SEC says system hack resulted in access to non-public information for illicit trading gains.

The Securities and Exchange Commission (SEC) in the US suffered a cyber attack last year, which it says could have led to illicit gains through trading.

Chairman Jay Clayton explained in a statement the authority’s EDGAR test filing system was exploited and resulted in access to non-public information.

The hack - believed to have taken place last year - was discovered and promptly patched by the SEC last month and an internal investigation has since commenced. 

“It is believed the intrusion did not result in unauthorised access to personally identifiable information, jeopardise the operations of the Commission, or result in systemic risk,” the statement clarified.

The SEC has outlined plans for the management of its internal cybersecurity risks, including coordination with other government entities and the enforcement of the federal securities laws against cyber attackers.

Clayton added: “We must be vigilant. We also must recognise - in both the public and private sectors, including the SEC - there will be intrusions, and a key component of cyber risk management is resilience and recovery.

“By promoting effective cybersecurity practices... it is our objective to contribute substantively to a financial market system that recognises and addresses cybersecurity risks and, in circumstances in which these risks materialise, exhibits strong mitigation and resiliency.”