US lawmakers demand an evaluation of the Securities and Exchange Commission's (SEC) cybersecurity measures following the recent breach of the agency's X account that led to a false post proclaiming bitcoin exchange-traded funds (ETF) approval, creating a price spike.
The SEC confirmed the unauthorized access to its X (formerly Twitter) account, leading to the dissemination of misleading information about the approval of Bitcoin ETFs.
While the SEC did approve the first US-listed Bitcoin ETFs on Wednesday, the earlier false announcement on X led to a sudden rise in Bitcoin's price to around $48,000 before quickly dropping to below $45,000.
(Photo: Drew Angerer/Getty Images)U.S. Securities and Exchange Commission (SEC) chairman Gary Gensler attends a meeting of the Financial Stability Oversight Council at the U.S. Department of Treasury on December 14, 2023, in Washington, DC.
SEC Failed to Use MFA
Reacting to the hacking incident, Democratic Senator Ron Wyden of Oregon and Republican Senator Cynthia Lummis from Wyoming wrote a letter to the SEC calling for an investigation into the issue. They warned that the SEC appears to have not followed best cybersecurity practices like multi-factor authentication (MFA).
"We urge you to investigate the agency's practices related to the use of MFA, and in particular, phishing-resistant MFA, to identify any remaining security gaps that must be addressed," the lawmakers said, as quoted by Reuters.
The commission, already working with law enforcement to investigate the hack, revealed that the SEC X account hacking was done by an "unknown individual" installing themselves into control over a phone number associated with the agency's account.
Notably, X discovered that the commission was not using two-factor authentication at the time when it had been breached, according to a report from The Guardian.
Two-factor authentication is a security measure that forces users to provide a passcode and a special key sent via email or over the phone before accessing their online account.
Read Also: Google Plans to Support More Real-Money Games on the Play Store
The lawmakers called on the SEC to take a closer look at its MFA practices, especially phishing-resistant ones, to check for and rectify any remaining security weaknesses. This hacking incident has emphasized the necessity of strong cybersecurity measures, especially for financial regulatory bodies that handle market-sensitive information.
SEC OKs Rule on Bitcoin ETFs
The SEC approved rule changes to enable the creation of bitcoin ETFs in the US, a development that allows mainstream investors to gain exposure to bitcoin through regulated channels.
The landmark decision is expected to lead to the conversion of existing funds, such as the Grayscale Bitcoin Trust, into ETFs and the launch of competing funds by major issuers like BlackRock and Fidelity.
The US Securities and Exchange Commission (SEC) has been averse to the idea of allowing an investment fund in Bitcoin for quite some time now, dismissing all applications filed over the years regarding creating exchange-traded funds based on it.
SEC Chair Gary Gensler highlighted that the latest approval relates to ETPs holding Bitcoin as a commodity non-security. He made it clear that the decision to approve or disapprove listing standards for crypto asset securities should not be viewed as an effort on their part to satisfy the SEC's requirements in this regard.
"Nor does the approval signal anything about the Commission's views as to the status of other crypto assets under the federal securities laws or about the current state of non-compliance of certain crypto asset market participants with the federal securities laws," he said in a statement, per CNBC.
Related Article: Scam Alert: Cybercriminals Exploit Ram Temple Consecration with Fake VIP Entry
