|
Someone briefly accessed its X, formerly called Twitter, account
on Tuesday, the agency had confirmed, and posted a fake message
saying it had approved exchange traded funds (ETF) for bitcoin.
The SEC eventually approved the first U.S.-listed ETFs to track
bitcoin on Wednesday, but the unauthorized post a day earlier
led to a rise in the price of Bitcoin to around $48,000 before
falling to below $45,000 minutes later.
In a letter to the agency on Thursday, Ron Wyden, a Democratic
senator from Oregon, and Cynthia Lummis, a Republican senator
from Wyoming, sought an investigation into the incident, which
they deemed as "SEC's apparent failure to follow cybersecurity
best practices".X, which is owned by billionaire and Tesla boss
Elon Musk, confirmed that hack. It said that an "unidentified
individual" obtained control over a phone number associated with
the agency's account and that the SEC did not have two-factor
authentication enabled at the time.
Two-factor authentication (MFA) is a two-pronged privacy tool
which allows access to an Internet account only after the user
has keyed in the password and a security key sent over on email
or on the phone.
"We urge you to investigate the agency's practices related to
the use of MFA, and in particular, phishing-resistant MFA, to
identify any remaining security gaps that must be addressed,"
Wyden and Lumis said in their letter.
The SEC had earlier said it was working with law enforcement to
investigate the hack.
(Reporting by Yuvraj Malik in Bengaluru; Editing by Krishna
Chandra Eluri)
[© 2024 Thomson Reuters. All rights
reserved.]
Copyright 2022 Reuters. All rights reserved. This material may
not be published, broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content.
|
|
