Last year, the Securities and Exchange Commission got hacked. It didn’t say anything about said hack until last month, however, presumably to avoid embarrassing itself by saying something that further probing would demonstrate untrue. For instance, while it discovered the hack a year ago, it didn’t realize until August that the information so acquired was used for a little insider-trading.
Alas, this admirable and, in the current environment, highly unusual exercise in fact-finding and discretion, didn’t work. For when, two weeks ago, SEC Chairman Jay Clayton admitted that, sure, hackers had gotten illicit access to non-public filings in its Edgar system, and, yea, it turns out they used that information to do some illicit trading, he also said that at least the SEC wasn’t Equifax. Except that it was, albeit on a much, much smaller scale.
Hackers who broke into a U.S. regulatory database that stores market-moving corporate information also accessed personal details about two people, including their names, dates of birth and Social Security numbers….
The SEC has offered to pay for an identity theft protection and monitoring service for people whose information was compromised by the breach.