The normally steadfast U.S. Securities and Exchange Commission (SEC) found itself at the center of a cybersecurity storm that sent shockwaves through the crypto market.
The incident, which occurred on Tuesday, unfolded as the SEC’s official social media account, known as SEC X, was compromised, leading to the dissemination of fake news regarding the approval of a spot-Bitcoin exchange-traded fund (ETF).
The breach had immediate consequences as a fabricated post claimed that the SEC had given the green light to plans for Bitcoin ETFs.
This misleading information triggered a brief surge in the price of the world’s largest cryptocurrency, leaving traders and investors scrambling to make sense of the unexpected turn of events.
“It really shows the breadth and frequency of cyberattacks,” remarked Kurt Gottschall, a partner at law firm Haynes Boone and former SEC regional director. “The irony here is that the SEC has not shown much sympathy to public companies and asset managers that have experienced cybersecurity incidents.”
For crypto enthusiasts, the breach became ammunition in their ongoing perception of SEC Chair Gary Gensler as an adversary due to his consistent efforts to regulate the industry.
The irony of a cybersecurity incident befalling a regulatory body that has repeatedly emphasized the vulnerabilities of the crypto space did not go unnoticed by critics.
In response to the breach, the SEC swiftly issued statements assuring that no decision had been made regarding the approval of spot-Bitcoin ETFs.
The regulatory body pledged to collaborate with law enforcement to investigate the incident, clarifying that the unauthorized access to the SEC X account had been terminated.
Gary Gensler, in a separate statement, emphasized that the fake post did not originate from the SEC or its staff.
The social media service handling the SEC’s account shed light on the method of compromise, indicating that an unidentified individual gained control by acquiring the associated phone number.
It was revealed that the account lacked two-factor authentication at the time, an additional layer of security that has become increasingly essential in the face of rising cyber threats.
As the investigation unfolds, Republican Senators JD Vance and Thom Tillis have demanded an explanation for the SEC’s “errant” post. Their letter seeks a briefing by the SEC, with a deadline for answers no later than Jan. 23.
The timing of this cybersecurity incident adds an additional layer of complexity, considering that about a dozen companies await the SEC’s decision on ETFs backed by Bitcoin.
The SEC has until Jan. 10 to take action on at least one of these applications, and industry insiders have speculated that the regulator might use this deadline to announce multiple decisions simultaneously.
With the SEC planning to vote on the exchanges’ filings this week, the crypto market is on edge, awaiting both technical approvals required for spot-backed Bitcoin ETFs to commence trading.
The incident has further fueled the already intense speculation surrounding the SEC’s stance on crypto-related financial products.
The SEC’s struggle with cyber threats has inadvertently become a chapter in the ongoing saga of the crypto community’s quest for mainstream acceptance, leaving the market in a state of uncertainty and anticipation.