Skip to main content
close search
site logo

SEC Discloses 2016 Hack of EDGAR System

Published Sept. 21, 2017
By Matthew Heller

In another illustration of the vulnerability of financial infrastructure, the U.S. Securities and Exchange Commission has disclosed a data breach that may have resulted in cyber criminals using its EDGAR online database to make illicit trades.

SEC Chairman Jay Clayton said hackers had obtained access to nonpublic information by exploiting a vulnerability in the test filing component of the EDGAR system, which is the central repository for millions of corporate filings ranging from quarterly earnings to statements on acquisitions.

The hack was detected in 2016 and the vulnerability was promptly patched but according to Clayton, the SEC learned last month that the cyber criminals may have used the nonpublic information for insider trading.

“We believe the intrusion did not result in unauthorized access to personally identifiable information, jeopardize the operations of the Commission, or result in systemic risk,” Clayton said in a statement, adding, however, that “Our investigation of this matter is ongoing.”

The disclosure follows a July report from the Government Accountability Office that found the SEC had not fully implemented 11 of 58 recommendations spurred by previous audits to secure its computer network, include failing to authenticate users and encrypt sensitive information.

Other recent breaches of financial infrastructure have included a hack of credit reporting firm Equifax’s computer system, which exposed the Social Security numbers and birth dates of as many as 143 million people, and a scheme in which hackers posing as students may have compromised the personal data of as many as 100,000 taxpayers.

According to Reuters, the SEC hack “is particularly embarrassing for the SEC and its new boss Clayton, who has made tackling cyber crime one of the top enforcement issues during his tenure.” He is likely to be questioned about it at a congressional hearing next week.

“It’s hugely problematic and we’ve got to be serious about how we protect that information as a regulator,” said Rep. Bill Huizenga, chairman of the House subcommittee on Capital Markets, Securities, and Investment. “I’m hoping that this leads to some vast improvements and an uptick in the vigilance that all the regulators are going to have with information that’s coming to them.”

Filed Under: Technology

Editors' pick

  • Calendar
    Image attribution tooltip
    Misha Shutkevych via Getty Images
    Image attribution tooltip
    Tracker

    CFO Annual Conferences and Events Tracker

    CFO’s annual conference and events calendar tracker ensures finance executives know about the most essential in-person events.

    By CFO Editorial Team • July 28, 2023

Company Announcements

View all | Post a press release
Emagia Introduces GiaGPT: A Groundbreaking Generative AI Solution for Finance Operations
From Emagia
September 08, 2023
FD Capital Announces the Launch of their Professional Services Team
From FD Capital
September 11, 2023

Want to share a company announcement with your peers?

Get started

Read next
  • Calendar
    Image attribution tooltip
    Misha Shutkevych via Getty Images
    Image attribution tooltip
    Tracker

    CFO Annual Conferences and Events Tracker

    CFO’s annual conference and events calendar tracker ensures finance executives know about the most essential in-person events.

    By CFO Editorial Team • July 28, 2023
Latest in Technology
image/svg+xml
Industry Dive is an Informa business
© 2023 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell