SEC Says Other Systems Secure After X Account Hack

CoinDeskPolicy發佈於 2024-01-12更新於 2024-01-13

文章摘要

The regulator's latest update on the hack suggests it never lost access to the account.

The U.S. Securities and Exchange Commission said Friday its systems and devices were not breached by the party responsible for tweeting out a fake bitcoin ETF approval announcement earlier this week.

On Tuesday, the SEC's official X (formerly Twitter) account, @SECgov, tweeted that the agency had approved a number of spot bitcoin exchange-traded fund (ETF) applications to begin trading, a message that was ultimately shown to be faked by someone who was able to gain access to the account through the phone number associated with it. On Friday, the SEC statement provided a timeline of events on Tuesday, saying the first "unauthorized post" came at 4:11 p.m. ET (21:11 UTC), and SEC Chair Gary Gensler published his clarification 15 minutes later.

10

The statement suggested that SEC staff never lost access to the account, saying they had deleted the fake post, un-liked some other bitcoin-related tweets and shared an update on the main SECgov account within 30 minutes.

Advertisement
Advertisement

"Staff also reached out to X.com for assistance in terminating the unauthorized access to the @SECGov account. Based on information currently available, staff believe that the unauthorized access to the account was terminated between 4:40 pm ET and 5:30 pm ET," the statement said.

An SEC spokesperson said on Wednesday that the FBI was investigating the issue, adding that the SEC did not draft the message (dispelling rumors that the fake approval notice was an already planned announcement that was released prematurely). Friday's statement added that the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) are also investigating.

On Wednesday, the SEC did approve nearly a dozen bitcoin ETF applications, which began trading a day later.

The hack alarmed a number of lawmakers, who publicly demanded answers about how it happened. Senators Ron Wyden (D-Ore.) and Cynthia Lummis (R-Wyo.) published a letter on Thursday asking that SEC Inspector General Deborah Jeffrey's office open an investigation into the hack "and the SEC's apparent failure to follow cybersecurity best practices."

Future hacks could harm public markets and their stability, the letter said.

The letter followed Senators J.D. Vance (R-Ohio) and Thom Tillis (R-N.C.), who similarly asked Gensler to brief their teams on a number of questions around the hack and the SEC's decision-making on bitcoin ETFs, including how the SEC "plans to rectify any financial losses borne by investors as a result of the errant announcement."

Advertisement
Advertisement

"The SEC takes its cybersecurity obligations seriously. Commission staff are still assessing the impacts of this incident on the agency, investors, and the marketplace but recognize that those impacts include concerns about the security of the SEC’s social media accounts. The staff also will continue to assess whether additional remedial measures are warranted," the SEC's statement on Friday said.

你可能也喜歡

回购销毁只是空头承诺?代币与股权难以弥合的权利鸿沟

当你持有公司股票,便享有剩余索取权和投票、分红等法定权利。加密协议常向代币持有者描绘类似蓝图,即参与治理并分享收益,但这本质上是一种缺乏法律强制力的单方面承诺。 股票的核心在于其代表可依法强制执行的企业所有权。而代币持有者无权强制获得股息或收购款项,项目常用的“回购销毁”政策也可被团队单方面修改或终止,代币持有者缺乏维权依据。 随着行业成熟,Venice AI、Aave等协议开始引入传统股权融资,导致了股权持有者(享有法定权利)与代币持有者(依赖项目方自愿政策)之间的权利鸿沟凸显。Houdini Swap被收购时代币持有者一无所获的案例,清晰展示了这种风险。 美国《CLARITY Act》法案推进将进一步激化矛盾。该法案拟将代币划分为“数字商品”或“证券”。若归为数字商品,则明确禁止赋予代币持有者针对企业营收、利润等资产的法定索取权。这意味着,目前游走在灰色地带的、承诺分享企业收益的回购销毁模式将面临巨大监管压力。 协议面临明确选择:要么承认代币是数字商品,停止宣传其能分享企业收益;要么将代币注册为证券,承担相应合规成本。Aave等协议尝试用自动化链上机制来增强承诺可信度,但这仍是代码而非法律合约,治理层仍可能投票更改。一旦外部股权投资者带着正式法律协议入场,“代币即资产”的旧叙事便难以为继。

Foresight News2 小時前

回购销毁只是空头承诺?代币与股权难以弥合的权利鸿沟

Foresight News2 小時前

交易

現貨
活动图片