SEC Says Other Systems Secure After X Account Hack

CoinDeskPolicyОпубліковано о 2024-01-12Востаннє оновлено о 2024-01-13

Анотація

The regulator's latest update on the hack suggests it never lost access to the account.

The U.S. Securities and Exchange Commission said Friday its systems and devices were not breached by the party responsible for tweeting out a fake bitcoin ETF approval announcement earlier this week.

On Tuesday, the SEC's official X (formerly Twitter) account, @SECgov, tweeted that the agency had approved a number of spot bitcoin exchange-traded fund (ETF) applications to begin trading, a message that was ultimately shown to be faked by someone who was able to gain access to the account through the phone number associated with it. On Friday, the SEC statement provided a timeline of events on Tuesday, saying the first "unauthorized post" came at 4:11 p.m. ET (21:11 UTC), and SEC Chair Gary Gensler published his clarification 15 minutes later.

10

The statement suggested that SEC staff never lost access to the account, saying they had deleted the fake post, un-liked some other bitcoin-related tweets and shared an update on the main SECgov account within 30 minutes.

Advertisement
Advertisement

"Staff also reached out to X.com for assistance in terminating the unauthorized access to the @SECGov account. Based on information currently available, staff believe that the unauthorized access to the account was terminated between 4:40 pm ET and 5:30 pm ET," the statement said.

An SEC spokesperson said on Wednesday that the FBI was investigating the issue, adding that the SEC did not draft the message (dispelling rumors that the fake approval notice was an already planned announcement that was released prematurely). Friday's statement added that the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) are also investigating.

On Wednesday, the SEC did approve nearly a dozen bitcoin ETF applications, which began trading a day later.

The hack alarmed a number of lawmakers, who publicly demanded answers about how it happened. Senators Ron Wyden (D-Ore.) and Cynthia Lummis (R-Wyo.) published a letter on Thursday asking that SEC Inspector General Deborah Jeffrey's office open an investigation into the hack "and the SEC's apparent failure to follow cybersecurity best practices."

Future hacks could harm public markets and their stability, the letter said.

The letter followed Senators J.D. Vance (R-Ohio) and Thom Tillis (R-N.C.), who similarly asked Gensler to brief their teams on a number of questions around the hack and the SEC's decision-making on bitcoin ETFs, including how the SEC "plans to rectify any financial losses borne by investors as a result of the errant announcement."

Advertisement
Advertisement

"The SEC takes its cybersecurity obligations seriously. Commission staff are still assessing the impacts of this incident on the agency, investors, and the marketplace but recognize that those impacts include concerns about the security of the SEC’s social media accounts. The staff also will continue to assess whether additional remedial measures are warranted," the SEC's statement on Friday said.

Пов'язані матеріали

Buyback and Burn: Just Empty Promises? The Unbridgeable Rights Gap Between Tokens and Equity

"Token Repurchase and Burn: An Empty Promise? The Unbridgeable Rights Gap Between Tokens and Equity" Holding company stock grants shareholders residual claim rights - a legally enforceable entitlement to remaining assets after all other obligations are paid. This comes with rights like voting, dividends, and a share in sale proceeds. Crypto protocols have long promised token holders similar benefits: governance participation and a share of future growth. However, this narrative is fundamentally flawed and built on voluntary promises, not enforceable legal rights. The core difference is that token holders lack any legally enforceable claim to a protocol's underlying value or revenues. Common mechanisms like using protocol revenue to buy back and burn tokens are purely discretionary; the team can alter or stop the policy at any time. Token holders have no legal recourse. This rights gap becomes critically apparent when protocols introduce traditional equity alongside tokens, as seen with Venice AI's $65M funding round. Equity investors hold legal contracts with rights to company assets and profits, while token holders' benefits depend entirely on the continued goodwill of the protocol's management. The acquisition of Houdini Swap, where equity holders were paid while token holders received nothing, starkly illustrates this disparity. Upcoming legislation like the CLARITY Act threatens to eliminate the regulatory gray area that has allowed this ambiguous "pseudo-equity" narrative. The Act would classify tokens as either digital commodities (regulated by CFTC) or investment contract assets/securities (regulated by SEC). Protocols aiming for the "digital commodity" classification would be explicitly prohibited from granting token holders any legal claim to corporate revenue, profits, or assets. Promising that tokens will appreciate from protocol profits would likely classify them as securities. Projects like Aave are attempting technical solutions, such as its automated, on-chain "Aavenomics 3.0" buyback mechanism. However, this remains code that the governance body could still vote to change, not an immutable legal contract. The industry faces a clear fork: either acknowledge tokens as digital commodities and stop promising economic rights tied to corporate profits, or formally register tokens as securities and bear the associated compliance burden. The decade-long narrative equating tokens with ownership is built on unenforceable promises. The entry of traditional equity investors with real legal rights exposes this foundational weakness, which may unravel with the next major funding deal.

Foresight News2 год тому

Buyback and Burn: Just Empty Promises? The Unbridgeable Rights Gap Between Tokens and Equity

Foresight News2 год тому

Торгівля

Спот
活动图片