U.S. Senators Ron Wyden and Cynthia Lummis are pushing for an investigation into the Securities and Exchange Commission’s (SEC) cybersecurity practices. This comes in response to a recent incident where a hacker posted a fake message on the SEC’s Twitter account, falsely announcing the approval of a spot Bitcoin exchange-traded fund (ETF).
In a letter dated January 11, addressed to SEC Inspector General Deborah Jeffrey, Wyden and Lummis expressed their concerns over the SEC’s apparent failure to implement basic security measures on its Twitter account. They highlighted the absence of multifactor authentication and the lack of phishing-resistant hardware tokens as significant oversights.
The senators described the hack as “inexcusable,” emphasizing the potential risks such incidents pose to financial system stability and public market trust. They fear that the dissemination of misleading information could lead to market manipulation. Consequently, they have requested an update on the investigation and the SEC’s remediation efforts by February 12, 2024.
This request follows similar calls for inquiry from Senators J.D. Vance and Thom Tillis, along with other policymakers, who were also concerned about the implications of the fake tweet.
The incident occurred just before the SEC officially approved the listing of spot Bitcoin ETFs on January 10. The fake tweet, which was online for about 20 minutes, caused significant confusion and doubt in the crypto market, even after the actual approval was confirmed.
Following the approval, the SEC announced plans to collaborate with the Federal Bureau of Investigation and its own Office of the Inspector General to investigate the tweet and determine the responsible parties. The identity of the individual behind the post remains unknown at the time of writing.