SEC Says Hackers Accessed EDGAR System, May Have Used Info for Inside Trading

Chris Gaetano
Published Date:
Sep 21, 2017

The Securities and Exchange Commission disclosed that hackers illegally accessed market-moving information through breaching the EDGAR system last year, and may have later used the files for insider trading. The disclosure was made in a larger statement about cybersecurity risks that the SEC itself faces. 

The EDGAR (Electronic Data Gathering, Analysis, and Retrieval) system performs automated collection, validation, indexing, acceptance, and forwarding of submissions by companies and others who are required by law to file forms with the U.S. Securities and Exchange Commission. The SEC cybersecurity statement said that this system receives and processes over 1.7 million electronic filings every year. Many of these filings are public, but the system also retains nonpublic information generally related to the SEC's supervisory duties. 

The SEC said that hackers had breached the EDGAR system in 2016 and recently learned that the information accessed could have provided the basis for insider trades (CNN said this hack was not disclosed to the public). It stressed that personally identifying information was not accessed, the operations of the SEC are not jeopardized, and did not result in a systemic risk. The hackers took advantage of a software flaw that has since been patched. 

The SEC said that an internal investigation was commenced immediately. The investigation is still ongoing. 

Click here to see more of the latest news from the NYSSCPA.