By Benjamin Bain and Matt Robinson
The vulnerability of governments and businesses to cyberattacks was exposed again Wednesday when a top U.S. financial regulator said hackers had breached its electronic database of market-moving corporate announcements, and may have profited from the information they stole.
The hack of an aspect of the U.S. Securities and Exchange Commission’s Edgar filing system occurred in 2016, the regulator said in a statement. But it wasn’t until last month that the agency concluded the cybercriminals involved may have used their bounty to make illicit trades.
Edgar houses millions of filings on corporate disclosures ranging from quarterly earnings to statements on mergers and acquisitions. Infiltrating the SEC’s system to review announcements before they are released publicly would serve as a virtual treasure trove for a hacker seeking to make easy money.
SEC Chairman Jay Clayton said the agency’s review of the breach is ongoing and that it’s “coordinating with the appropriate authorities.”