By WIRED
The official X account of the United States Securities and Exchange Commission (SEC) was “compromised” this afternoon, resulting in the publication of an “unauthorized” post, according to SEC Chairman Gary Gensler. The account, @SECGov, also said the account had been compromised.
It is currently unclear what the nature of the “compromise” is. The SEC has not yet responded to WIRED’s request for comment. X also did not yet respond.
The @SECGov account published a post this afternoon regarding the regulatory status of Bitcoin ETFs, a financial product that would allow people to invest in bitcoin like standard stocks. The post has since been deleted.
The fake post appeared to lead to a brief spike in Bitcoin’s value of around 2.5 percent, to nearly $47,870, before crashing around 3.2 percent from its original price.
Following news of the SEC’s compromised account, US Senator Bill Hagerty said in a post on X that Congress should investigate the incident.
“Just like the SEC would demand accountability from a public company if they made such a colossal market-moving mistake, Congress needs answers on what just happened,” Hagerty, a Tennessee Republican, wrote. “This is unacceptable.”
This is at least the second high-profile compromise of an X account in recent days. Mandiant, a leading cybersecurity firm now owned by Google, had its X account hacked last Wednesday. A scammer used their access to post a malicious link in an attempt to steal cryptocurrency from victims.
The SEC account’s compromise is arguably the most consequential hijacking of a public figure’s Twitter account since 2020, when a group of young hackers tricked Twitter employees into giving them access to a power internal tool that allowed them to take control of users’ profiles.
They used it to post a scam messages to the accounts of users including Joe Biden, Barack Obama, Jeff Bezos, Elon Musk, and Kim Kardashian offering to donate twice the amount of any payment users sent to the hackers’ Bitcoin addresses back to the sender. The scam netted nearly $120,000 within minutes before the messages could be deleted. In that case, the hackers were identified—in part thanks to cryptocurrency tracing evidence left on Bitcoin’s blockchain—and arrested within two weeks.
This is a developing story. Check back for updates.
Discussion about this post