Hackers accessed the Securities and Exchange Commission's database and may have illegally profited by trading on the stolen information. Fred Katayama reports.
The Securities and Exchange Commission said it got hacked in 2016. It quickly patched that vulnerability. But, last month, it realized the glitch could have helped hackers make illicit trades. The SEC stores a lot of information that could be used for insider-trading or manipulating equity markets, including earnings reports and statements on mergers and acquisitions. Technology lawyer Mark Grossman: (SOUNDBITE) MARK GROSSMAN, ENTERPRISE TECHNOLOGY LAWYER, TANNENBAUM HELPERN, (ENGLISH) SAYING: "It's yet another hacking debacle. We thought Equifax was a big deal, with the 143 million people's records exposed, this is even bigger. I mean, who knows how many billions and billions of dollars in impact the SEC hack could have on the stock market. And, a bigger picture, it just makes the point that nobody, not even the government, is too big to be hacked." In July, a report from the Government Accountability Office said the SEC did a lousy job securing its databases. It said the Commission did not always fully encrypt sensitive information, used unsupported software, failed to fully implement an intrusion detection system and made missteps in how it configured its firewalls, among other things.