SEC Says It Was Victim of a ‘SIM Swap’ Hack: Details

The SEC had multifactor authentication enabled 6 months before the hack, but X Support disabled it at the request of a staff member.

🌟 Join the Revolution! 🌟 DeeStream Presale Stage One is NOW LIVE!

The United States Securities and Exchange Commission (SEC) claims that it was a victim of “SIM swapping” when its account on the social media platform X, formerly known as Twitter, was hacked earlier this month, prior to the approval of the multiple spot Bitcoin exchange-traded funds (ETFs).

“SIM swapping” is a technique internet fraudsters use to seize control of telephone lines. In this way, attackers gain control of a telephone number by having it reassigned to a new device.

SEC had Multifactor Authentication Enabled

The SEC claims to have had multifactor authentication enabled six months before the hack, but X Support disabled it at the request of an SEC staff member. This hacking led to the false X post on January 9 stating that spot Bitcoin exchange-traded funds (ETFs) had been approved.

🎬 The Future is Streaming, and it’s Decentralized! 🎬 DeeStream’s Presale Stage One is OPEN!

Multifactor authentication is an additional layer of protection due to issues accessing the account. The security measure was not restored until after the January 9 attack.

Approval on January 10

The following day, January 10, the SEC formally authorized a number of spot Bitcoin ETF applications, the majority of which started trading on January 11.

The regulator approved the 19b-4 applications from prominent entities like VanEck (HODL), Valkyrie (BRRR), Grayscale Investments ($GBTC), WisdomTree (BTCW), Invesco Galaxy (BTCO), BlackRock Inc. (IBIT), Fidelity Investments (FBTC), Bitwise (BITB), Hashdex (DEFI), ARK 21shares (ARKB), and Franklin Templeton (EZBC).  

💰 Exclusive Presale Tokens Available - Invest in the Future of Streaming!

SEC Cell Phone Hacked

The SEC determined that the unauthorized party obtained control of the agency’s cell phone number associated with the X account in an apparent ‘SIM swap’ attack two days after the incident, in consultation with the regulator’s telecom carrier.

“Once in control of the phone number, the unauthorized party reset the password for the @SECGov account,” an SEC spokeswoman explained.

Ongoing Investigation

An investigation to find out how the unauthorized party got the carrier to change the SIM for the account and how the attacker knew which phone number was associated with the agency’s X account has been opened as well.

👉 [Visit]