Attackers who breached the US Securities and Exchange Commission took advantage of businesses using legitimate financial data while testing the SEC's EDGAR system, Reuters reports, citing sources familiar with the matter.
EDGAR is a network that businesses use to file earnings reports and other material information. The purpose of the test process, which takes place before businesses file normal reports, is to verify formatting is correct and reports are free of submission errors, Reuters states.
Corporations are supposed to use "dummy data" during the testing phase, the source explains, but the information is supposed to be protected as though it's authentic. However, some companies used legitimate data, and it was not properly secured. The source reports that not many businesses used real data that is believed to have been compromised.
This SEC hack, which took place in October 2016 and was discovered that month, appears to have been routed through an Eastern European server, according to an internal government memo. The FBI and US Secret Service have launched an investigation, which Reuters' sources discussed anonymously because it has not been made public.
Between October 2016 and April 2017, the SEC documented several cybersecurity incidents, according to one source familiar with the matter. While Reuters was not immediately able to confirm the nature of each event, several involved EDGAR, the source added. In a case unrelated to EDGAR, a server intended for SEC use was not updated to fix security flaws.
SEC Chairman Jay Clayton will confirm the investigation when he testifies before the Senate Banking Committee on Tuesday, the report states.