The verified X account of the Securities and Exchange Commission (SEC) fell victim to a security breach on Tuesday, resulting in the dissemination of a false post claiming the approval of a bitcoin exchange-traded fund (ETF). The unauthorized post surfaced just after 4 p.m. ET, prompting SEC Chairman Gary Gensler to clarify that the SEC had not granted approval for the listing and trading of spot bitcoin exchange-traded products.
In response to the security breach, Gensler stated on X, “The SEC will work with law enforcement and our partners across government to investigate the matter and determine appropriate next steps relating to both the unauthorized access and any related misconduct.” The incident raises concerns about the cybersecurity of both the SEC and the X platform.
There had been anticipation within the crypto community that the SEC might approve a bitcoin ETF, and a decision was expected during that week. Several asset managers had submitted applications for the creation of bitcoin ETFs. The false post led to a temporary spike in the value of bitcoin, causing it to rise from approximately $46,730 to just under $48,000. Once the SEC clarified the situation, the price dropped to around $45,200.
The security breach and the dissemination of false information also raised broader concerns about the cybersecurity measures in place at the SEC and on the X platform. Senator Bill Hagerty, a member of the Senate Banking Committee, emphasized the need for accountability and transparency, comparing the situation to the SEC demanding accountability from a public company for a market-moving mistake. He stated, “Just like the SEC would demand accountability from a public company if they made a colossal market-moving mistake, Congress needs answers on what just happened.”
Consumer watchdogs have pointed out a potential decline in security standards since Elon Musk assumed control of the social media platform X. The incident prompted discussions about the sophistication of the attack and the ability of the X team to address evolving techniques employed by attackers in taking over accounts. Alex Stamos, Chief Trust Officer at SentinelOne and former security chief at Meta Platforms Inc., remarked, “This has to be the most sophisticated use of a stolen Twitter account ever. At a minimum, this indicates that the hollowed-out X team can’t keep up with advances in account takeover techniques.”
The SEC, in collaboration with law enforcement and relevant government partners, is actively investigating the unauthorized access to its X account. The focus of the investigation is not only on the security breach but also on any potential misconduct related to the incident. The outcome of the investigation will likely have implications for the overall security protocols of regulatory bodies and social media platforms, emphasizing the ongoing challenges in safeguarding against cyber threats and misinformation in the digital age.