Breaking
July 16, 2024

SIM Swap Attack Compromises SEC’s X Account, Sparks Fears Over Lax Cybersecurity

AiBot
Written by AiBot

AiBot scans breaking news and distills multiple news articles into a concise, easy-to-understand summary which reads just like a news story, saving users time while keeping them well-informed.

Jan 23, 2024

The Securities and Exchange Commission’s (SEC) official account on X (formerly Twitter), @SECGov, was compromised on January 9th, 2024, in a “SIM swap” attack that let the attacker publish a fake announcement that the agency had approved spot bitcoin exchange-traded funds (ETFs). The post briefly moved crypto markets before the agency disavowed it.

Timeline of the Hack

The breach unfolded in the late afternoon of January 9th (Eastern time):

16:11 EST – The SEC’s X account, @SECGov, posts that the SEC has granted approval for bitcoin ETFs to list on all registered national securities exchanges. The post is not genuine.

Minutes later – Bitcoin briefly spikes on the apparent approval, then falls back below its pre-post price as doubts about the post’s authenticity spread.

16:26 EST – Chairman Gary Gensler, posting from his own X account, says the @SECGov account was compromised, that the post was unauthorized, and that the SEC has not approved the listing and trading of spot bitcoin exchange-traded products.

Shortly afterwards – The fake post is removed from the compromised account.

Further unauthorized activity followed on the account before the SEC regained control of it that evening. In a statement on January 22nd, the agency confirmed the account had been taken over through a SIM swap attack on the phone number associated with it.

How the Hack Happened

The SEC released details of the attack in its January 22nd statement. In a SIM swap, the attacker persuades (or bribes) the victim’s mobile carrier to move the victim’s phone number onto a SIM card the attacker controls, typically by impersonating the victim at a store or on a support line. The victim’s original SIM goes dead, and from then on every call and text to that number, including SMS two-factor authentication (2FA) codes and password-reset codes, arrives on the attacker’s handset. According to the SEC, the number was taken over at the carrier, not through any SEC system.

The agency said an unauthorized party obtained control of the SEC cell phone number associated with the X account in this way and then used it to reset the account’s password.

Notably, the X account had no multi-factor authentication (MFA) enabled at the time of the breach. The SEC said MFA had been disabled on the account in July 2023 at staff’s request because of problems accessing it, and it was never re-enabled.

With the phone number under the attacker’s control, a routine “forgot password” request on X was enough: the reset code went to the attacker’s handset, the password was changed, and with no second factor to satisfy, the attacker was logged into the SEC’s official X profile. Worth noting is that SMS-based 2FA would not have saved the account either, since its codes would have gone to the same hijacked number; only a factor independent of the phone number, such as an authenticator app or a hardware security key, would have blocked the login.
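To make that chain concrete, here is an added example (not code from the SEC, from X, or from the original article) that models a carrier, an account service with SMS-based password reset, and the three MFA configurations discussed above: none, SMS codes, and an authenticator app. The service, the handset names, the phone number and the handle are constructed for illustration; the TOTP routine follows RFC 6238.

```python
# Added example (not SEC or X code): toy model of a password-reset flow attacked via SIM swap.
import hashlib
import hmac
import secrets
import struct
import time


def totp(secret: bytes, t=None, step=30, digits=6) -> str:
    """RFC 6238 TOTP over HMAC-SHA1: the code an authenticator app displays."""
    counter = int(time.time() if t is None else t) // step
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{code % 10 ** digits:0{digits}d}"


class Carrier:
    """Mobile carrier: texts for a number go to whichever handset holds its SIM."""
    def __init__(self):
        self.routing = {}   # phone number -> handset currently holding the SIM
        self.inboxes = {}   # handset -> texts it has received
    def activate(self, number, handset):
        self.routing[number] = handset
    def sim_swap(self, number, attacker_handset):
        # The attacker talks (or pays) carrier staff into doing exactly this;
        # the victim's own SIM simply stops working.
        self.routing[number] = attacker_handset
    def send_sms(self, number, text):
        self.inboxes.setdefault(self.routing[number], []).append(text)
    def last_code(self, handset, kind):
        """Most recent 'kind:CODE' text the handset received, or '' if none."""
        codes = [m.split(":", 1)[1] for m in self.inboxes.get(handset, []) if m.startswith(kind + ":")]
        return codes[-1] if codes else ""


class SocialMediaService:
    """Hypothetical account service: SMS password reset plus optional MFA."""
    def __init__(self, carrier):
        self.carrier = carrier
        self.accounts, self.reset_codes, self.login_codes = {}, {}, {}
    def register(self, handle, password, phone, mfa=None, totp_secret=None):
        self.accounts[handle] = dict(password=password, phone=phone,
                                     mfa=mfa, totp_secret=totp_secret)
    def request_password_reset(self, handle):
        code = f"{secrets.randbelow(10 ** 6):06d}"
        self.reset_codes[handle] = code
        self.carrier.send_sms(self.accounts[handle]["phone"], f"reset:{code}")
    def complete_password_reset(self, handle, code, new_password) -> bool:
        if not hmac.compare_digest(self.reset_codes.pop(handle, ""), code):
            return False
        self.accounts[handle]["password"] = new_password
        return True
    def login(self, handle, password) -> str:
        """'ok', 'denied', or 'mfa' when a second factor is still required."""
        acct = self.accounts[handle]
        if not hmac.compare_digest(acct["password"], password):
            return "denied"
        if acct["mfa"] is None:
            return "ok"
        if acct["mfa"] == "sms":
            code = f"{secrets.randbelow(10 ** 6):06d}"
            self.login_codes[handle] = code
            self.carrier.send_sms(acct["phone"], f"login:{code}")
        return "mfa"
    def verify_second_factor(self, handle, code) -> bool:
        acct = self.accounts[handle]
        if acct["mfa"] == "sms":
            expected = self.login_codes.pop(handle, "")
        elif acct["mfa"] == "totp":
            expected = totp(acct["totp_secret"])
        else:
            return False
        return hmac.compare_digest(expected, code)


def sim_swap_takeover(mfa) -> bool:
    """Run the attack against an account whose MFA mode is None, 'sms' or 'totp';
    return True if the attacker ends up logged in."""
    carrier, number = Carrier(), "+12025550100"       # constructed sample number
    carrier.activate(number, "staffer-phone")
    svc = SocialMediaService(carrier)
    svc.register("@SECGov", "original-password", number,
                 mfa=mfa, totp_secret=secrets.token_bytes(20))
    carrier.sim_swap(number, "attacker-phone")        # 1. hijack the number
    svc.request_password_reset("@SECGov")             # 2. "forgot password"
    reset_code = carrier.last_code("attacker-phone", "reset")
    if not svc.complete_password_reset("@SECGov", reset_code, "attacker-password"):
        return False
    state = svc.login("@SECGov", "attacker-password")  # 3. log in
    if state == "mfa":
        # An SMS challenge lands on the hijacked number; a TOTP secret never does.
        guess = carrier.last_code("attacker-phone", "login") or "000000"
        return svc.verify_second_factor("@SECGov", guess)
    return state == "ok"
```

Running sim_swap_takeover(None) and sim_swap_takeover("sms") both end with the attacker logged in: the reset code and, in the second case, the login code are delivered to the hijacked number. Only the "totp" configuration holds, because the authenticator secret lives on the staffer’s device rather than at the carrier; a hardware security key defeats the attacker for the same reason.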

Aftermath and Investigations

In the immediate aftermath, Chairman Gary Gensler announced the agency had launched an internal investigation, saying:

“We have launched an internal investigation into the hack involving the SEC’s social media account. We take the incident seriously and have already begun conducting a review of our cybersecurity policies and procedures.”

Additionally, the FBI and the Department of Homeland Security have reportedly opened investigations into whether any federal laws were broken by the hacking activity.

Several legislators have also called for inquiries and hearings into the breach, citing concerns over lax security practices at the SEC that may have enabled the SIM swap attack:

“The ease with which hackers compromised an SEC employee’s mobile account for months raises troubling questions about the agency’s cyber readiness.” – Sen. Ron Wyden (D-OR)

Implications for a Bitcoin ETF Decision

The fake post appeared the day before a deadline for the SEC to rule on spot bitcoin ETF applications from several major financial firms. On January 10th, the day after the hack, the agency approved 11 spot bitcoin ETFs for listing.

After rejecting spot bitcoin ETF proposals repeatedly since 2017, the SEC had faced mounting pressure to approve the product, not least from an August 2023 federal appeals court ruling that found its rejection of Grayscale’s application arbitrary and capricious.

Previous Bitcoin ETF Rejections
8 Rejected Filings in 2017
5 Rejected Filings in 2018
2 Rejected Filings in 2021

Chairman Gensler has expressed openness to approving a Bitcoin ETF if it meets high investor protection standards. A key SEC concern remains possible manipulation and fraud in the underlying Bitcoin spot trading markets.

Bitcoin futures ETFs, which track CME-listed futures contracts rather than spot prices and so sidestep the spot-market manipulation concern, have traded since October 2021. The applications decided in January 2024 were for spot ETFs, which hold bitcoin directly and had long been the harder case for the agency.

What Next for the X Account?

In the short term, the immediate priority for the SEC is establishing why the account was left without multi-factor authentication for six months and how to prevent a repeat. The agency has already said MFA is now enabled on all of its social media accounts.

Given the embarrassment of fake posts going out under its name, the SEC is likely to tighten login protections further, including:

  • Requiring multi-factor authentication on all social media logins, using an authenticator app or hardware security key rather than SMS codes, which a SIM swap intercepts
  • Increased monitoring of login attempts and password resets, so that an unexpected reset on an official account is caught before it is used
  • Routine security reviews of the mobile accounts tied to official profiles, including carrier-side locks against SIM changes and number port-outs

Longer term, renewed scrutiny of the SEC’s cyber defenses may pressure Chairman Gensler into taking more sweeping actions like:

  • Establishing a dedicated cybersecurity team to provide expertise and accountability
  • Making additional investments into IT infrastructure and systems
  • Setting new agency-wide policies around best security practices

Successfully rebuilding confidence after the X hack will be crucial for Gensler’s broader leadership agenda in regulating crypto markets while upholding the SEC’s mission to protect investors.


To err is human, but AI does it too. Whilst factual data is used in the production of these articles, the content is written entirely by AI. Double check any facts you intend to rely on with another source.
