The United States Securities and Exchange Commission (SEC) Chair, Gary Gensler, has said there is “no evidence” that the unauthorized party who gained access to the SEC’s X (formerly Twitter) account on Jan. 9 accessed other systems, data, devices or social media accounts at the moment.
In a statement about the hack, Gensler emphasized that the SEC is taking the incident seriously and is currently evaluating the impact of the security breach on other agencies, as well as crypto investors and marketplaces.
Gensler stated that the SEC recognizes the impact of the security breach, including concerns about the security of the agency’s social media accounts. He further noted that staff will continue assessing whether additional remedial measures are warranted.
The SEC is collaborating with law enforcement and security agencies on the investigation, including the U.S. Federal Bureau of Investigation and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, among others.
According to Gensler’s statement, on Jan. 9, an unauthorized party took control of the official SECGov X account over its phone number at 4:11 pm Eastern Time and posted that the SEC had approved a spot Bitcoin (BTC) exchange-traded fund (ETF).
The SEC contacted X for assistance in terminating the unauthorized access. According to X, the unauthorized access was terminated between 4:40 pm ET and 5:30 pm ET.
Additionally, Gensler emphasized that the SEC does not use X or any other social media platform to announce any development.
In a Jan. 11 letter provided to Axios, Senators Ron Wyden and Cynthia Lummis urged SEC Inspector General Deborah Jeffrey to launch a probe into the commission’s cybersecurity practices.