Senators J.D. Vance and Thom Tillis raised concerns about the Commission’s internal cybersecurity procedures while demanding clarity on the incident.
Two United States senators are calling on the United States Securities and Exchange Commission (SEC) to provide a report to Congress about the Jan. 9 breach of its X (formerly Twitter) account.
In a same-day letter to SEC Chair Gary Gensler, Senators J.D. Vance and Thom Tillis described the incident as raising “serious concerns” about the commission’s internal cybersecurity procedures.
It also called it “antithetical to the Commission’s tripartite mission to protect investors, maintain fair, orderly, and efficient markets, and facilitate capital formation.”
Concerned about the recent hack, which they said introduced “widespread confusion,” the two senators have requested the SEC provide Congress with a report about the incident, referring to a recently finalized rulemaking regarding cybersecurity disclosures.
The letter sent on Jan. 9 sets a deadline for Jan. 23. The letter also reminded the SEC about the mandate that requires all businesses to disclose all impacts to the business within four days of a cybersecurity incident:
“If this ‘compromised’ social media post was indeed a result of a cybersecurity attack, would it be possible for the Commission (SEC) to provide Congress with a report on the breach within four business days? If not, please explain why.”
The incident occurred on Jan. 9, when the SEC’s X account shared a false tweet suggesting spot Bitcoin
$45,917 exchange-traded funds (ETFs) had been approved in the United States. However, the excitement across the crypto community was short-lived after Gensler revealed that the SEC’s X account was compromised and was used to send out an unauthorized tweet.
While the investors and markets reacted unpredictably amid the confusion, many pointed out the SEC’s lack of preparedness against cyberattacks and online threats. An internal investigation from X confirmed the SEC account was not using two-factor authentication at the time of the breach. The X report also added:
“Based on our investigation, the compromise was not due to any breach of X’s systems, but rather due to an unidentified individual obtaining control over a phone number associated with the @SECGov account through a third party.”
Several top-ranking government officials, including Senators Cynthia Lummis and Bill Hagerty, as well as Representative Ann Wagner, echoed the sentiment of fellow members of Congress.
While Hagerty demanded full disclosure about the incident, Lummis highlighted the risks associated with fraudulent announcements and asked for clarity on incidents that “can manipulate markets.”
Leave feedback about this