Senators Urge Probe into SEC’s Misleading Bitcoin ETF Tweet

Senate Finance Committee Chair Sen. Ron Wyden, D-Ore., and Sen. Cynthia Lummis, R-Wyo., have requested an investigation into the recent security breach of the U.S. Securities and Exchange Commission’s (SEC) social media account. This request follows a misleading tweet about Bitcoin ETF approval that raised concerns over cybersecurity protocols within the agency.

Senators Call for Rigorous Investigation

The call for an in-depth inquiry by Senators Wyden and Lummis comes after a fraudulent post from the SEC’s account misled its followers about the approval of spot Bitcoin ETFs. SEC Chair Gary Gensler promptly addressed the issue, stating that the account had been compromised. 

Interestingly, the SEC approved spot Bitcoin ETFs the following day. The social media platform confirmed that the breach occurred due to unauthorized access to a phone number linked to the SEC’s account, highlighting a lack of two-factor authentication (2FA).

Senators Wyden and Lummis emphasized the necessity for more robust cybersecurity measures, including phishing-resistant hardware tokens known as security keys. These are considered the gold standard in securing online accounts. Their statement underlines the critical need for government agencies to adhere to best practices in cybersecurity to prevent such breaches.

SEC’s Cybersecurity Practices Under Scrutiny

This incident has put the spotlight on the SEC’s cybersecurity practices. A previous report from the SEC’s inspector general’s office in December pointed out that the SEC’s information security program was not entirely effective. Although the agency had shown progress, significant gaps remained in its security measures.

The recent security lapse raises questions about the SEC’s commitment to cybersecurity, especially considering the potential market impacts and erosion of public trust in the financial system that such incidents can cause. The senators urged an investigation into the use of multi-factor authentication (MFA) and particularly phishing-resistant MFA at the SEC, aiming to identify and address any remaining security vulnerabilities.

The SEC has acknowledged the issue and is collaborating with the Office of the Inspector General and the FBI to understand the nature and extent of the breach. The agency has promised to keep the public informed as the situation develops.

The cybersecurity breach at the SEC holds broader implications for the stability of financial markets and the trust in public trading systems. Incidents like this could be exploited for market manipulation, underscoring the importance of robust digital security in financial regulatory bodies.

Senators Wyden and Lummis have requested an update on the investigation and the SEC’s remedial actions by February 12. Their intervention highlights the growing concern among lawmakers about cybersecurity in key financial institutions. Additionally, House Republicans have sought a briefing from the Securities and Exchange Commission, and other legislators have expressed dissatisfaction with how the SEC handled the compromised post.

Read Also: Bitcoin (BTC) Drops Below $43K, Here’s Reason for This Slump