The SEC chair penned a letter to four members of the U.S. House of Representatives breaking down the timeline of the commission’s Jan. 9 SIM swap attack.
3090 Total views
10 Total shares
United States Securities and Exchange Commission (SEC) Chair Gary Gensler penned a response to four lawmakers in the House of Representatives over an “unauthorized” tweet sent from the official SEC X account on Jan. 9.
In a Feb. 6 letter to Representatives Patrick McHenry, French Hill, Bill Huizenga and Ann Wagner, Gensler confirmed earlier reports that a hacker had been able to gain access to the SEC’s X account using a “SIM swap” attack, falsely declaring that the commission had approved spot Bitcoin (BTC) exchange-traded funds for listing and trading on U.S. exchanges. According to the SEC chair, the hacker made two posts using access to the account and liked two tweets before the commission could undo the activity.
“Based on information currently available, [SEC] staff believe that X terminated the unauthorized access to the account by 5:30 pm,” said Gensler. “[L]aw enforcement is currently investigating how the unauthorized party got the carrier to change the SIM for the account and how the party knew which phone number was associated with the account.”
The SEC chair added the commission was coordinating with its Office of Inspector General, the Federal Bureau of Investigation, and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency for an investigation into the matter and was in touch with Justice Department officials. Gensler said, “the SEC takes its cybersecurity obligations seriously” and invited the lawmakers to ask additional questions if needed.
Related: Lawyers, politicians call for investigation of SEC over Bitcoin ETF post
The fake tweet, sent from the official SEC X account on Jan. 9, briefly caused turmoil in the crypto market as many had expected the commission to decide on approving spot BTC ETFs. The following day, Jan. 10, the SEC officially approved 11 spot Bitcoin exchange-traded products for listing and trading on U.S. exchanges.
X’s safety team reported on Jan. 9 that the SEC did not enable two-factor authentication on its account, leading to the security breach. The commission confirmed these details in a Jan. 22 statement.
Following SEC approval of spot BTC ETFs, many experts expect the commission to decide on spot Ether (ETH) exchange-traded products. Asset manager VanEck will likely be one of the first firms to hear a decision, with an SEC deadline of May 2024.
Magazine: Expect ‘records broken’ by Bitcoin ETF: Brett Harrison (ex-FTX US), X Hall of Flame