Summary
The US Securities and Exchange Commission (SEC) revealed that the two-factor authentication on its X account was disabled since July 2023. The SEC’s official account was compromised when an unauthorized person made a fake post about the approval of spot bitcoin ETFs. The post remained up for 15 minutes before Chair Gary Gensler announced the compromise. The SEC disabled multi-factor authentication after facing difficulty accessing the account. The hacker accessed the account through a SIM swap, and the SEC is working with law enforcement agencies to track down the attacker.
Key Points
1. The US Securities and Exchange Commission admitted that the two-factor authentication on its X account had been disabled since July 2023.
2. The SEC’s official X account was compromised, allowing an unauthorized person to access the account and make a fake post about the approval of spot bitcoin ETFs.
3. The hacker gained access to the account through a SIM swap, and the SEC is working with law enforcement agencies to investigate the incident.