The US Securities and Exchange Commission (SEC) waited until Wednesday to disclose a hack of its corporate filing system that occurred last year, raising questions about the agency’s ability to protect important financial information and comes as Americans are still weighing the consequences of the massive hack at Equifax Inc.
While the SEC discovered the breach to its corporate filing system last year, the agency said it only became aware last month that information obtained by the intruders might have been used for illegal trading profits.
Experts question the length of time taken to disclose the breach and why the SEC is not meeting the same security standards it demands of corporate America.
Photo: Reuters
“It took quite a while,” said Robert Cattanach, an attorney at Dorsey & Whitney and former trial attorney for the US Department of Justice, whose work includes cybersecurity and data breaches. “The integrity of our whole trading system is dependent on keeping this information secure... People have got some ‘splaining to do.”
The SEC did not explain why the initial hack was not revealed sooner, or which individuals or companies may have been affected. The disclosure came two months after a government watchdog said deficiencies in the corporate filing system put the system, and the information it contains, at risk.
The SEC also did not disclose any information about who might have carried out the breach. A hack by Chinese or Russian actors cannot be ruled out, experts say.
“Certainly state actors would be on the list of suspects that come to mind,” said Marcus Christian, a former federal prosecutor who is an attorney working in Mayer Brown’s cybersecurity and national security practices.
Still, the list would also include “regular old criminal actors,” Christian added.
SEC Chairman Jay Clayton disclosed the hack in a statement posted to the agency’s Web site. It came just two weeks after the credit agency Equifax revealed a stunning cyberattack that exposed highly sensitive personal information of 143 million people.
Clayton is to appear on Tuesday before the US Senate Banking Committee, and he is certain to be questioned about the hack.
US Senator and committee member Mark Warner said in a statement on Thursday that the disclosures by the SEC and Equifax show “that government and businesses need to step up their efforts to protect our most sensitive personal and commercial information.”
Clayton blamed the breach on “a software vulnerability” in the filing system known as EDGAR —Electronic Data Gathering, Analysis and Retrieval system.
EDGAR processes more than 1.7 million electronic filings a year. Those documents can cause enormous movements in the stock market, sending billions of US dollars into motion in fractions of a second.
The hack of EDGAR is especially concerning because of how widely investors have used and trusted the system, which first came online in the early 1990s.
Companies periodically file earnings and a range of financial information, and they alert investors to important developments that could affect their share prices, like government investigations, executive shake-ups and approaches for a takeover.
UNPRECEDENTED PACE: Micron Technology has announced plans to expand manufacturing capabilities with the acquisition of a new chip plant in Miaoli Micron Technology Inc unveiled a newly acquired chip plant in Miaoli County yesterday, as the company expands capacity to meet growing demand for advanced DRAM chips, including high-bandwidth memory chips amid the artificial intelligence boom. The plant in Miaoli County’s Tongluo Township (銅鑼), which Micron acquired from Powerchip Semiconductor Manufacturing Corp (力積電) for US$1.8 billion, is expected to make a sizeable capacity contribution to the company from fiscal 2028, the company said in a statement. It would be an extended production site of Micron’s large-scale manufacturing hub in Taichung, the company said. As the global semiconductor industry is racing to reach US$1 trillion
Singapore-based ride-hailing and delivery giant Grab Holdings Ltd has applied for regulatory approval to acquire the Taiwan operations of Germany-based Delivery Hero SE's Foodpanda in a deal valued at about US$600 million. Grab submitted the filing to the Fair Trade Commission on Friday last week, with the transaction subject to regulatory review and approval, the company said in a statement yesterday. Its independent governance structure would help foster a healthy and competitive market in Taiwan if the deal is approved, Grab said. Grab, which is listed on the NASDAQ, said in the filing that US-based Uber Technologies Inc holds about 13 percent of
Taiwan’s food delivery market could undergo a major shift if Singapore-based Grab Holdings Ltd completes its planned acquisition of Delivery Hero SE’s Foodpanda business in Taiwan, industry experts said. Grab on Monday last week announced it would acquire Foodpanda’s Taiwan operations for US$600 million. The deal is expected to be finalized in the second half of this year, with Grab aiming to complete user migration to its platform by the first half of next year. A duopoly between Uber Eats and Foodpanda dominates Taiwan’s delivery market, a structure that has remained intact since the Fair Trade Commission (FTC) blocked Uber Technologies Inc’s
Memory chip stocks extended their losses yesterday after Alphabet Inc’s Google publicized research that could allow more efficient use of the storage needed for artificial intelligence (AI) development. SK Hynix Inc and Samsung Electronics Co, South Korean leaders in the market, fell more than 6 percent and about 5 percent respectively in Seoul. In the US, Micron Technology Inc, Western Digital Corp and Sandisk Corp slid more than 2 percent in pre-market trading, after they all closed lower on Wednesday. Memory companies have been on a tear in recent months as the rapid development of AI infrastructure triggered a spike in chip
RSS