According to The U.S. Securities and Exchange Commission, late Wednesday night hackers stealing data from its filing system and may have made “illicit gain through trading.”
Giving details about the hack the SEC, the agency responsible for regulating the financial securities industries said it involved a software “vulnerability” in its EDGAR online filing system, resulting in “access to nonpublic information.” Though no personal information or SEC operations were compromised and that an investigation was continuing.
This breach was in fact first detected in 2016 but it was not until last month the SEC discovered that the hackers may have been able to exploit the hack for profit, mentions a statement on cybersecurity policy released at about 11 p.m. ET. The disclosure was cramped into one paragraph almost a third of the way into the 5,000-word document, including footnotes.
This is not the first time and sure won’t be the last, that the federal government has the face the continual trouble of hackers. Over the years there have a number of high-profile breaches. The Office of Personnel Management was hacked back in 2015 compromising sensitive data records related to almost 21 million people.
In another event in March NBC news reported 8000 documents posted by Wikileaks included authentic material about CIA hacking methods, some of it classified top secret.
Whereas the last years breach at the security risk benchmarking firm SecurityScorecard listed a number of federal, state and local governments among 17 major industries and institutions it examined for cybersecurity, highlighting outdated software and slow or inadequate deployment of critical updates.
President Donald Trump in May passed an executive order calling for a single, unified set of standards for cybersecurity and making the heads of each government agency responsible for its own security.
The order made it difficult for the executives to pass the buck to their information technology staffs as it added responsibility for cybersecurity on the shoulders.