SEC chairman faces questions from Congress after data breach

NEW YORK — The chairman of the Securities and Exchange Commission is likely to face an especially tough hearing in front of Congress on Tuesday, after the agency acknowledged that it also was a victim to a hack.

News about the breach of an SEC network that delivers company news and data to investors follows the disclosure of the massive data breach from credit company Equifax that allowed hackers to access or steal the personal information of 143 million Americans.

Jay Clayton, who has been at the head of the SEC since May, is not likely to face calls for his removal since the breach happened a year ago, before he was sworn in. But he may be questioned about whether the SEC — the federal government’s main arm for enforcing rules and regulations on Wall Street — is up to the task of keeping data secure.

WHAT QUESTIONS MAY CLAYTON FACE?

Two major issues in this SEC breach are the potential for insider trading and whether the SEC knew about the security breach for months and only recently decided to disclose it.

The SEC operates a system known as EDGAR, which allows publicly traded companies to upload digitally the documents they are required to share with investors. What appeared to happen is that hackers were able to get into the system in a way that allowed them to see companies filing their documents to the SEC but before those documents would be dispersed to the general public.

Clayton will likely have to answer how probable it is that insider trading took place and what the scope of it might be. He is also likely to be asked why the commission sat on the news of this breach until August when it happened a year ago. The hack occurred despite repeated warnings in recent years about weaknesses in the agency’s data security controls. Members of the Senate Banking Committee may well want to know what the SEC has done to secure its systems.

On Monday the SEC said it had created a new cyber unit that will target market manipulation, hacking and dark web operatives.

The agency also revealed a new team tasked with protecting every day investors from unsafe offers like pump-and-dump schemes in which the value of an investment is driven artificially high before being sold aggressively.

Source

NO COMMENTS