Comment on this storyCommentAdd to your saved storiesSave
The Securities and Exchange Commission said on Tuesday that an “unknown party” had accessed its official account on the social media platform
The @SECGov account posted on the platform formerly known as Twitter that the agency had approved Bitcoin exchange-traded funds for listing on national exchanges.
The post came just after 4 p.m. and attracted millions of views before the SEC regained control and said the earlier statement was false. At this point, some media had already reported on the first article.
SEC Chairman Gary Gensler later Posted on X that the agency's “account was compromised and an unauthorized tweet was posted.” The SEC has not approved the listing and trading of spot Bitcoin exchange-traded products.”
His post followed an SEC statement that the hacker had briefly seized control.
“The SEC will work with law enforcement and our partners across the government to investigate the matter and determine appropriate next steps related to the unauthorized access and related misconduct,” said spokeswoman Stephanie Allen.
Bitcoin supporters have repeatedly asked the SEC for permission to list such funds, saying they would offer investors a more regulated way to participate in the crypto markets.
The false post caused Bitcoin prices to briefly spike, meaning anyone who knew about the scam could have made a big profit.
The theft was also notable because, in addition to being a source of official news, the account was marked with an X with a silver checkmark, meaning it was verified as a prominent and important government account.
It's unclear whether such accounts include any special security measures, but it would be surprising if the SEC account didn't include at least a minimal form of two-factor authentication.
The hack follows smaller government accounts and some gold check accounts issued to private organizations in recent weeks.
Because these accounts also likely have two-factor authentication, some security experts believe the flood of hackers indicates there is a widespread security flaw or a new technology at play. X did not respond to an email seeking comment.