The US Securities and Exchange Commission (SEC) waited until Wednesday to disclose a hack of its corporate filing system that occurred last year, raising questions about the agency’s ability to protect important financial information and comes as Americans are still weighing the consequences of the massive hack at Equifax Inc.
While the SEC discovered the breach to its corporate filing system last year, the agency said it only became aware last month that information obtained by the intruders might have been used for illegal trading profits.
Experts question the length of time taken to disclose the breach and why the SEC is not meeting the same security standards it demands of corporate America.
Photo: Reuters
“It took quite a while,” said Robert Cattanach, an attorney at Dorsey & Whitney and former trial attorney for the US Department of Justice, whose work includes cybersecurity and data breaches. “The integrity of our whole trading system is dependent on keeping this information secure... People have got some ‘splaining to do.”
The SEC did not explain why the initial hack was not revealed sooner, or which individuals or companies may have been affected. The disclosure came two months after a government watchdog said deficiencies in the corporate filing system put the system, and the information it contains, at risk.
The SEC also did not disclose any information about who might have carried out the breach. A hack by Chinese or Russian actors cannot be ruled out, experts say.
“Certainly state actors would be on the list of suspects that come to mind,” said Marcus Christian, a former federal prosecutor who is an attorney working in Mayer Brown’s cybersecurity and national security practices.
Still, the list would also include “regular old criminal actors,” Christian added.
SEC Chairman Jay Clayton disclosed the hack in a statement posted to the agency’s Web site. It came just two weeks after the credit agency Equifax revealed a stunning cyberattack that exposed highly sensitive personal information of 143 million people.
Clayton is to appear on Tuesday before the US Senate Banking Committee, and he is certain to be questioned about the hack.
US Senator and committee member Mark Warner said in a statement on Thursday that the disclosures by the SEC and Equifax show “that government and businesses need to step up their efforts to protect our most sensitive personal and commercial information.”
Clayton blamed the breach on “a software vulnerability” in the filing system known as EDGAR —Electronic Data Gathering, Analysis and Retrieval system.
EDGAR processes more than 1.7 million electronic filings a year. Those documents can cause enormous movements in the stock market, sending billions of US dollars into motion in fractions of a second.
The hack of EDGAR is especially concerning because of how widely investors have used and trusted the system, which first came online in the early 1990s.
Companies periodically file earnings and a range of financial information, and they alert investors to important developments that could affect their share prices, like government investigations, executive shake-ups and approaches for a takeover.
The domestic unit of the Chinese-owned, Dutch-headquartered chipmaker Nexperia BV will soon be able to produce semiconductors locally within China, according to two company sources. Nexperia is at the center of a global tug-of-war over critical semiconductor technology, with a Dutch court in February ordering a probe into alleged mismanagement at the company. The geopolitical tussle has disrupted supply chains, with some carmakers reportedly forced to cut production due to chip shortages. Local production would allow Nexperia’s domestic arm, Nexperia Semiconductors (China) Ltd (安世半導體中國), to bypass restrictions in place since October on the supply of silicon wafers — etched with tiny components to
Taiwan is open to joining a global liquefied natural gas (LNG) program if one is created, but on the condition that countries provide delivery even in a scenario where there is a conflict with China, an energy department official said yesterday. While Taiwan’s priority is to have enough LNG at home, the nation is open to exploring potential strategic reserves in other countries such as Japan or South Korea, Energy Administration Deputy Director-General Chen Chung-hsien (陳崇憲) said. While the LNG market does not have a global reserve for emergencies like that of oil, the concept has been raised a few times —
Taiwan Semiconductor Manufacturing Co (TSMC, 台積電) yesterday received government approval to deploy its advanced 3-nanometer (3nm) process at its second fab currently under construction in Japan, the Ministry of Economic Affairs said in a news release. The ministry green-lit the plan for the facility in Kumamoto, which is scheduled to start installing equipment and come online in 2028 with a monthly production capacity of 15,000 12-inch wafers, the ministry said. The Department of Investment Review in June 2024 authorized a US$5.26 billion investment for the facility, slated to manufacture 6- to 12nm chips, significantly less advanced than 3nm process. At a meeting with
Standard Chartered Taiwan on March 26 announced that it has partnered with international fintech firm FinIQ to build an “Automated Structured Products Pricing Platform.” The bank is also introducing products from global issuers including Goldman Sachs Group Inc, Barclays PLC and BNP Paribas SA. The new platform enables an end-to-end process whereby it finds the most competitive pricing across multiple issuers in a matter of minutes, followed by automated documentation and transaction execution, which significantly shortens time-to-market and delivers a superior wealth management experience. Standard Chartered Bank Taiwan CEO Anthony Yu (游天立) said: “Standard Chartered is increasingly leveraging its wealth management
RSS