Gary Gensler answers lawmakers about X breach and fake Bitcoin ETF approval Mike Dalton · 4 seconds ago · 2 min read
The SEC’s social media account was illegally accessed in January.
Cover art/illustration via CryptoSlate. Image includes combined content which may include AI-generated content.
Gary Gensler, chair of the U.S. Securities and Exchange Commission (SEC), has responded to lawmakers regarding a breach of the SEC’s X account.
On Jan. 9, an unknown actor performed a SIM swap attack on the SEC’s X account then published a false message stating that the SEC had approved various spot Bitcoin ETFs. Though the SEC ultimately approved those funds on Jan. 10, the earliest message was inauthentic.
Gensler said to lawmakers in a letter:
“I assure you that the SEC takes its cybersecurity obligations seriously. I understand that the SEC’s Office of Legislative and Intergovernmental Affairs arranged a briefing on January 17 for your staff concerning the X incident and addressing the questions raised in your letter.”
Gensler’s letter addresses House members Patrick McHenry, Bill Huizenga, French Hill, and Ann Wagner. In addition to commenting individually, those House members wrote a letter on Jan. 10 asking the SEC to hold itself to the security disclosure standards it imposes on companies.
The House members asked the SEC to respond to their request by Jan. 17 — a deadline that the SEC seemingly satisfied, given that Gensler reported a briefing on that date.
In a separate Jan. 11 letter, Senators Ron Wyden and Cynthia Lummis asked the SEC to begin an investigation into multi-factor authentication and phishing-resistant hardware tokens (or security keys) and close any security gaps. Though an update on that matter was due today, Feb. 12, the latest letter does not address the senators and no other response has been reported.
Gensler says the investigation is still ongoing
In the remainder of his letter, Gensler described a previously known attack timeline and provided an update on investigations. He said that law enforcement is currently investigating how the attacker had the carrier service change the SIM associated with the SEC’s X account, and how the attacker identified the phone number associated with the SEC’s account.
Gensler was the first to confirm that the SEC’s X account was compromised on Jan. 9. He published a full statement on the incident on Jan. 12.
Unlike those earlier statements, Gensler’s letter to lawmakers is not public and largely went unnoticed until now. The letter is dated Feb. 6 and was publicized by Politico on Feb. 8. Various sources circulated and reported on the letter more broadly today.