The SEC says hackers may have made money from breaking into its corporate filing system and gaining access to inside information about companies.
In the midst of a lengthy statement late Wednesday, SEC Jay Clayton disclosed that the markets regulator learned last month that a hack detected last year “may have provided the basis for illicit gain through trading.”
The hackers took advantage of a software vulnerability in the SEC’s EDGAR system, a vast database that holds all the documents publicly traded companies have to file with the regulator. Through the flaw, the intruders were able to obtain information that hadn’t been made public, Clayton said.
The vulnerability was fixed “promptly after discovery” and the SEC thinks it didn’t “result in unauthorized access to personally identifiable information, jeopardize the operations of the commission, or result in systemic risk,” Clayton said.
He added, though, that the regulator’s investigation is continuing and that it’s “coordinating with appropriate authorities.”
