SEC says multi-factor authentication had been turned off in run-up to false X post about bitcoin ETF approval
Quick Take An SEC spokesperson provided an update on Monday on how a phony post was able to go out on its X account earlier this month. The agency’s MFA had been disabled over the summer and remained disabled until that post went out, the spokesperson said.
The Securities and Exchange Commission said Monday that multi-factor authentication on its X account had been disabled in the run-up to a false post earlier this month before spot bitcoin ETFs had been formally approved.
"While multi-factor authentication (MFA) had previously been enabled on the @SECGov X account, it was disabled by X Support, at the staff’s request, in July 2023 due to issues accessing the account," the SEC said in a statement on Monday. "Once access was reestablished, MFA remained disabled until staff reenabled it after the account was compromised on January 9."
MFA is enabled now for all SEC social media accounts that offer it, the agency's spokesperson added.
X confirmed in a post on Jan. 9 that the SEC's X account was compromised, as someone obtained control over a phone number associated with the account. The platform's security team noted that the SEC did not set up two-factor authentication for its account when it was compromised.
The agency's lack of MFA garnered criticism from some in Washington D.C., who have called for an investigation into the matter.
'Sim Swap'
The SEC said Monday that an "unauthorized party" obtained control of an SEC cell phone number associated with the account in an apparent "SIM swap" attack. SIM swapping is a technique used to transfer someone's phone number to another device without authorization, they added.
"Access to the phone number occurred via the telecom carrier, not via SEC systems," the spokesperson said. "SEC staff have not identified any evidence that the unauthorized party gained access to SEC systems, data, devices, or other social media accounts."
After getting control of the phone number, the unauthorized party reset the password for the SEC's X account, the spokesperson said on Monday.
"Among other things, law enforcement is currently investigating how the unauthorized party got the carrier to change the SIM for the account and how the party knew which phone number was associated with the account," the spokesperson said.
The SEC spokesperson also said the agency's staff is continuing to work with the SEC's Office of Inspector General, the FBI, the Commodity Futures Trading Commission, the Department of Justice, among other law enforcement entities.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
BC.GAME Rebrands, Expands $BC Crypto Ecosystem
BC.GAME, a leading name in Web3 gaming, has unveiled a major brand overhaul, introducing a new logo, updated colour scheme, and the bold slogan “Stay Untamed.” The rebrand signals the company’s sharpened focus on crypto integration and its vision to build a global, community-driven Web3 entertainment ecosystem.
Ethereum Rally Stalls Near $2.58K as Holders Take Profits
Ethereum is priced at $2,438, marking a 3.5% decline in the last 24 hours after experiencing a 34% increase over the past week. According to data from Coinglass, open interest has fallen by 2%, suggesting a decrease in leveraged positions. This pullback comes after an impressive rally, during which ETH rose from $1,800 to over $2,500 in just a few days.
Truth Social Denies Memecoin Launch Amid Trump Token Controversy
Truth Social, the social media platform owned by Trump Media & Technology Group, has denied circulating rumours suggesting it is launching a memecoin. In an official post, the platform dismissed the speculation as false, reiterating that it had no involvement in any crypto token launch.
Record Inflows Boost Bitcoin ETFs and Digital Assets
Trending news
MoreCrypto prices
More
