|
SEC chair to face grilling from Senate
panel over cyber breach
Send a link to a friend
 [September 26, 2017]
By Michelle Price and Pete Schroeder
WASHINGTON (Reuters) - The chairman of the
U.S. Securities and Exchange Commission is expected to be grilled by
Congress on Tuesday over a 2016 hack of the regulator's corporate filing
system that has shaken investor confidence in its cyber defenses.
The hearing by the Senate Banking Committee, which had been scheduled
prior to the disclosure of the breach last Wednesday, will offer
lawmakers, companies and investors the first opportunity to hear from
SEC chief Jay Clayton on the incident. The SEC has so far provided no
additional public information.
Clayton originally had been scheduled to discuss capital market reform
at his first hearing before the committee since being formally appointed
in May, but his pro-growth agenda is likely to eclipsed by the breach of
the SEC's EDGAR database, Congressional sources said.
Wall Street’s top regulator came under fire last week after disclosing
that hackers might have used information stolen from EDGAR, which houses
millions of market-sensitive corporate disclosures such as earnings
releases, for insider trading.
"When we learn a year after the fact that the SEC had its own breach and
that it likely led to illegal stock trades, it raises questions about
why the SEC seems to have swept this under the rug," Senator Sherrod
Brown, the ranking Democratic member of the committee, will ask Clayton,
according to prepared remarks seen by Reuters.
"What else are we not being told, what other information is at risk, and
what are the consequences?" Brown will ask. "How can you expect
companies to do the right thing when your agency has not?"
CYBER-PREPAREDNESS IN FOCUS
Reuters reported on Monday that the Federal Bureau of Investigation and
the U.S. Secret Service have launched investigations into the breach,
which occurred in October 2016 and appeared to have been routed through
servers in Eastern Europe. The breach appeared to have been one of
several cyber incidents documented by the SEC in recent months, Reuters
reported.
Clayton said in prepared testimony released by the committee on Monday
that he only learned about the 2016 hack in August and that the SEC's
enforcement staff and inspector general's office have launched internal
probes.
[to top of second column] |
Jay Clayton takes his seat to testify at a Senate Banking, Housing
and Urban Affairs Committee hearing on his nomination of to be
chairman of the Securities and Exchange Commission (SEC) on Capitol
Hill in Washington, DC, U.S. on March 23, 2017. REUTERS/Jonathan
Ernst/File Photo
The regulator reported the breach to the Department of Homeland
Security's Computer Emergency Readiness Team when it was first
discovered, Clayton said in the testimony, adding the regulator
plans to hire more cyber security experts.
Clayton said in his prepared remarks that the hack was possibly the
result of a defect in the EDGAR software and said that personally
identifiable information did not appear to have been put at risk.
He said the SEC was still determining the extent and impact of the
breach and that it could take "substantial time" to complete.
Clayton said he was limited in what he could say publicly given the
ongoing review.
Even so, Clayton is expected to be quizzed on Tuesday about the
SEC's broader cyber-preparedness and on the activity of a new cyber
unit, announced by the SEC Monday evening, that the regulator said
will target cyber-related misconduct including market manipulation.
The committee is also expected to ask about the robustness of the
SEC's current guidelines requiring public companies to disclose
material cyber breaches to investors.
The committee wrote to Clayton on Monday asking whether the
guidelines, first drawn up in 2011, should be updated in light of
heightened cyber risks underscored by the Equifax Inc <EFX.N> breach
in which hackers stole personal data of about 143 million customers
of the credit reporting firm.
"Right now the SEC needs to do more, and it needs to make sure the
companies it regulates do better," Brown will say.
(Reporting by Michelle Price; Editing by Leslie Adler)
[© 2017 Thomson Reuters. All rights
reserved.]
Copyright 2017 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
 |
