The US Securities and Exchange Commission (SEC) waited until Wednesday to disclose a hack of its corporate filing system that occurred last year, raising questions about the agency’s ability to protect important financial information and comes as Americans are still weighing the consequences of the massive hack at Equifax Inc.
While the SEC discovered the breach to its corporate filing system last year, the agency said it only became aware last month that information obtained by the intruders might have been used for illegal trading profits.
Experts question the length of time taken to disclose the breach and why the SEC is not meeting the same security standards it demands of corporate America.
Photo: Reuters
“It took quite a while,” said Robert Cattanach, an attorney at Dorsey & Whitney and former trial attorney for the US Department of Justice, whose work includes cybersecurity and data breaches. “The integrity of our whole trading system is dependent on keeping this information secure... People have got some ‘splaining to do.”
The SEC did not explain why the initial hack was not revealed sooner, or which individuals or companies may have been affected. The disclosure came two months after a government watchdog said deficiencies in the corporate filing system put the system, and the information it contains, at risk.
The SEC also did not disclose any information about who might have carried out the breach. A hack by Chinese or Russian actors cannot be ruled out, experts say.
“Certainly state actors would be on the list of suspects that come to mind,” said Marcus Christian, a former federal prosecutor who is an attorney working in Mayer Brown’s cybersecurity and national security practices.
Still, the list would also include “regular old criminal actors,” Christian added.
SEC Chairman Jay Clayton disclosed the hack in a statement posted to the agency’s Web site. It came just two weeks after the credit agency Equifax revealed a stunning cyberattack that exposed highly sensitive personal information of 143 million people.
Clayton is to appear on Tuesday before the US Senate Banking Committee, and he is certain to be questioned about the hack.
US Senator and committee member Mark Warner said in a statement on Thursday that the disclosures by the SEC and Equifax show “that government and businesses need to step up their efforts to protect our most sensitive personal and commercial information.”
Clayton blamed the breach on “a software vulnerability” in the filing system known as EDGAR —Electronic Data Gathering, Analysis and Retrieval system.
EDGAR processes more than 1.7 million electronic filings a year. Those documents can cause enormous movements in the stock market, sending billions of US dollars into motion in fractions of a second.
The hack of EDGAR is especially concerning because of how widely investors have used and trusted the system, which first came online in the early 1990s.
Companies periodically file earnings and a range of financial information, and they alert investors to important developments that could affect their share prices, like government investigations, executive shake-ups and approaches for a takeover.
SEMICONDUCTOR SERVICES: A company executive said that Taiwanese firms must think about how to participate in global supply chains and lift their competitiveness Taiwan Semiconductor Manufacturing Co (TSMC, 台積電) yesterday said it expects to launch its first multifunctional service center in Pingtung County in the middle of 2027, in a bid to foster a resilient high-tech facility construction ecosystem. TSMC broached the idea of creating a center two or three years ago when it started building new manufacturing capacity in the US and Japan, the company said. The center, dubbed an “ecosystem park,” would assist local manufacturing facility construction partners to upgrade their capabilities and secure more deals from other global chipmakers such as Intel Corp, Micron Technology Inc and Infineon Technologies AG, TSMC said. It
NO BREAKTHROUGH? More substantial ‘deliverables,’ such as tariff reductions, would likely be saved for a meeting between Trump and Xi later this year, a trade expert said China launched two probes targeting the US semiconductor sector on Saturday ahead of talks between the two nations in Spain this week on trade, national security and the ownership of social media platform TikTok. China’s Ministry of Commerce announced an anti-dumping investigation into certain analog integrated circuits (ICs) imported from the US. The investigation is to target some commodity interface ICs and gate driver ICs, which are commonly made by US companies such as Texas Instruments Inc and ON Semiconductor Corp. The ministry also announced an anti-discrimination probe into US measures against China’s chip sector. US measures such as export curbs and tariffs
The US on Friday penalized two Chinese firms that acquired US chipmaking equipment for China’s top chipmaker, Semiconductor Manufacturing International Corp (SMIC, 中芯國際), including them among 32 entities that were added to the US Department of Commerce’s restricted trade list, a US government posting showed. Twenty-three of the 32 are in China. GMC Semiconductor Technology (Wuxi) Co (吉姆西半導體科技) and Jicun Semiconductor Technology (Shanghai) Co (吉存半導體科技) were placed on the list, formally known as the Entity List, for acquiring equipment for SMIC Northern Integrated Circuit Manufacturing (Beijing) Corp (中芯北方積體電路) and Semiconductor Manufacturing International (Beijing) Corp (中芯北京), the US Federal Register posting said. The
India’s ban of online money-based games could drive addicts to unregulated apps and offshore platforms that pose new financial and social risks, fantasy-sports gaming experts say. Indian Prime Minister Narendra Modi’s government banned real-money online games late last month, citing financial losses and addiction, leading to a shutdown of many apps offering paid fantasy cricket, rummy and poker games. “Many will move to offshore platforms, because of the addictive nature — they will find alternate means to get that dopamine hit,” said Viren Hemrajani, a Mumbai-based fantasy cricket analyst. “It [also] leads to fraud and scams, because everything is now
RSS