The Securities and Exchange Commission (SEC) has shed light on the findings from its investigation into the incident involving Account X. In a recent tweet, @SECGov stated that they had initially approved a Bitcoin ETF, but the tweet was subsequently deleted, citing a hack on the account. (Later, it was actually announced that the approval was legitimate.)
SEC revealed that through a joint examination with the mobile network service provider, they discovered that the phone numbers linked to the SEC account had been accessed through a third-party service using a technique called SIM swap. This occurred because the account did not have two-factor authentication (2FA) enabled, which would have provided an additional layer of identity verification through SMS on the mobile phone.
SEC explained that 2FA was originally enabled for this account, but due to accessibility issues in July 2023, Service Provider X decided to disable it. However, following this incident, all SEC accounts have now successfully enabled 2FA.
TLDR: SEC approved a Bitcoin ETF, but the initial announcement tweet was deleted after a hack on the account. Through a joint examination with the mobile network service provider, SEC discovered a SIM swap technique was used to access the account, which didn’t have 2FA enabled. SEC has since enabled 2FA on all accounts. (Source: CNBC)
Leave a Comment