The India Watch

What It Means When the US SEC Says “SIM Swapping” Was Used to Hack Its X Account

<p><strong>(Reuters) –</strong>The U.S. Securities and Exchange Commission said on Monday that Wall Street’s top regulator was hacked earlier this month on the social media platform X, formerly known as Twitter and that it became a victim of “SIM swapping,” a tactic used by online scammers to take control of phone lines.</p>
<p><img decoding=”async” class=”alignnone wp-image-366929″ src=”” alt=” what it means when the us sec says sim swapping was used to hack its x account sim” width=”1010″ height=”673″ title=”What It Means When the US SEC Says "SIM Swapping" Was Used to Hack Its X Account 9″ srcset=” 510w,×100.jpg 150w” sizes=”(max-width: 1010px) 100vw, 1010px” /></p>
<p>The SEC also said that employees had disabled multi-factor authentication (MFA) six months before the incident and had not reinstated it until after the attack on January 9.</p>
<p>An anonymous individual or people obtained access to the account, making a bogus notice claiming permission had already been given. This caused a brief spike in the price of bitcoin as expectation grew for the agency’s approval of exchange-traded instruments tracking the cryptocurrency.</p>
<p>The next day, the commission approved in a divided vote.</p>
<p>Through the process of getting a phone number transferred to a different device, an attacker may take control of a phone number through SIM swapping.</p>
<p>An SEC representative stated in a statement, “Once in control of the phone number, the unauthorized party reset the password for the @SECGov account.”</p>
<p>The SEC said, without naming the carrier, that law enforcement authorities are investigating how the hackers were able to compel the SEC’s mobile provider to make the change.</p>
<p>Congress has requested answers about how the SEC, which imposes stringent cybersecurity rules on publicly listed businesses, could have allowed itself to be vulnerable to such an assault.</p>
<p>The statement released on Monday also said that in June 2023, SEC personnel requested X Support to deactivate MFA, a further security measure against illegal access, owing to account access issues.</p>
<p>According to the statement, “MFA is enabled for all SEC social media accounts that offer it.”</p>
<p>A request for comment from X was not immediately answered by a spokesperson.</p>
<p>Officials from the U.S. National Institute of Standards and Technology (NIST) told Reuters that although individual U.S. agencies determine their own regulations regarding access to social media accounts, NIST recommendations usually advocate the use of MFA.</p>
<p>According to the statement, the Federal Bureau of Investigation, Department of Justice, Cybersecurity and Infrastructure Security Agency, Commodity Futures Trading Commission, which oversees bitcoin futures, and the SEC’s Office of Inspector General and Division of Enforcement are among the agencies looking into the incident.</p>

Related posts

Indian Government Allows Citizens To File FIRs For IT Rule Violations On Social Media

After the DGCA approves the renewal of the air operator certificate, shares of Jet Airways close almost 5% higher

What It Means When Nintendo Stops Offering Online Services For The Wii U And 3DS In 2024

Here’s How Police Verification For Tenants Is Now Simple

These 5 big changes are going to happen in the country from tomorrow, will directly impact the common man’s pocket

Launch of the Google Pixel 8 Series: Review All Leaks And Rumors Here