U.S. Senators grill SEC chair on disclosure of data breach
That has raised concerns that the hackers may have gained advance looks at filings and engaged in insider trading. Sherrod Brown, D-Ohio, acknowledged that the breach occurred before Clayton took office. He did not confirm or deny that the SEC was investigating the issue. However, he opened the door to potentially forcing the executives to return the proceeds of the stock sales, if the company’s six-week delay in disclosing the breach is found to be improper. He also said the agency needed more resources for data security and to combat future attacks.
SEC chairman: 'We want and need' IT modernization fund Trump admin wants to eliminate
The Securities and Exchange Commission chairman told senators Tuesday that agency needs to keep its long-term IT modernization fund in order to defend against future cyber breaches. SEC Chairman Jay Clayton told members of the Senate Banking, Housing and Urban Affairs Committee that in light of a 2016 cyber breach to its filing system, which it only disclosed last week, the agency would be requesting more money from Congress in its upcoming budget proposal. “We went with a flat budget for the next fiscal year,” Clayton said, referring to fiscal 2018, which begins Oct. “We want and need the $50 million for IT,” Clayton said. “We are using it, and it’s part of our budget going forward.” In May, the Office of Management and Budget released a fiscal 2018 budget proposal that would eliminate the SEC’s reserve fund.
U.S. SEC chair grilled by Senate panel over cyber breach, Equifax
The Senate Banking Committee grilled Clayton on Tuesday over a 2016 hack of EDGAR, the agency’s online corporate financial disclosure system, only disclosed last Wednesday, which has shaken confidence in the SEC’s cyber defenses. Clayton fielded several questions from senators on the recent Equifax Inc data breach in which hackers stole personal data of about 143 million customers of the credit reporting firm, including on the timing of the company’s disclosure. Clayton said he only learned about the 2016 hack in August and that the SEC’s enforcement staff and inspector general’s office have launched internal probes. Clayton said the hack was possibly the result of a defect in the EDGAR software and said that personally identifiable information did not appear to have been put at risk, but he declined to provide further detail. He said the SEC was still determining the extent and impact of the breach and that it could take “substantial time” to complete due to the amount of data that needed to be analyzed.
SEC is hiring more cybersecurity help after breach that may have let hackers profit from stock trades
In his first appearance before the Senate Banking Committee since taking office, Clayton faced some critical questioning from lawmakers about the agency’s handling of the breach and how the SEC would manage the fallout from the massive hack of the credit reporting company Equifax that exposed the personal information of 143 million people. There can sometimes be a lag between the time when the reports are electronically filed with the agency and when they can be viewed by the public, making the system a potentially lucrative target to hackers hoping to learn sensitive information before the rest of the market. The agency’s Office of Inspector General and other officials are investigating the extent of the breach, including how much data may have been taken and how long hackers had access to the system, he said. The company’s longtime chief executive, Richard Smith, announced his retirement Tuesday, but lawmakers said that does not resolve the matter. In 2015, fraudsters posted fake information on the site about the takeover of Avon Products, driving the company’s stock price up significantly before the hack was detected.
S.E.C. Hacking Response Provides Road Map for Compromised Companies
The more ominous message about the breach is that only recently has it come to light that the information may have been used to generate trading profit. It is no surprise that the hackers are at risk of penalties — in 2015, the Justice Department and the S.E.C. That provision has been interpreted by the federal appeals courts to cover intangible property, so anyone buying confidential information from the Edgar database could come within this prohibition. The temptation to hack the database will be powerful, which means protecting it will be one of the S.E.C.’s highest priorities. The industry has resisted the creation of the C.A.T., and the hacking at the S.E.C.
SEC chairman criticized by both parties over hack response
Securities and Exchange Commission Chairman Jay Clayton faced criticism from both sides of the political aisle Tuesday over his agency's handling of a 2016 cyberattack that may have allowed hackers to profit from trading on nonpublic information. Sherrod Brown of Cleveland, the panel's top Democrat, who questioned the agency's ability to hold companies responsible in light of its own failings. He said the SEC won't stand for executives taking advantage of non-public information to profit. He responded that the SEC is committed to ensuring the security of proprietary information, adding that the agency won't ask firms to turn over more data than it needs. Regarding the breach into the SEC's Edgar system, Clayton said he's ordered the agency's inspector general to conduct an investigation of who at the agency knew what and when they knew it.
SEC chair grilled on data breach
senators from both parties Tuesday grilled the chairman of the Securities and Exchange Commission – the agency responsible for policing Wall Street – on its handling of a 2016 data breach that was disclosed only last week. The hack breached the SEC’s system for handling corporate filings intended for investors, known as EDGAR. That has raised concerns that the hackers may have gained advance looks at filings and engaged in insider trading. The SEC’s disclosure also followed a much larger breach at credit reporting firm Equifax that exposed sensitive personal information belonging to 143 million Americans. On Monday the SEC said it had created a new cyber unit that will target market manipulation, hacking and dark-web operatives.
The Latest: SEC chair won't comment on Equifax exec trades
The Latest on SEC Chairman Jay Clayton's appearance before the Senate Banking Committee (all times local): The chairman of the Securities and Exchange Commission refused to comment Tuesday when asked if executives at Equifax engaged in insider trading when they sold shares after the company learned of a massive data breach but before it disclosed the hack to the public. Clayton said the bonuses should be recovered if the delay is found to be improper. Jay Clayton, the chairman of the Securities and Exchange Commission, is likely to face tough questions from a Senate banking panel, after the agency acknowledged that it also was a victim to a hack. Two major issues in the SEC breach are the potential any information obtained was used for insider trading and whether the SEC knew about the security breach for months and only recently decided to disclose it. Clayton has been at the head of the SEC since May, and is not likely to face calls for his removal since the breach happened a year ago.
Is SEC chief Clayton soft on cyber victims?
Market Data provided by Interactive Data (Terms & Conditions). Company fundamental data provided by Morningstar. Earnings estimates data provided by Zacks. Mutual fund and ETF data provided by Lipper. Economic data provided by Econoday.
Equifax executives will be held accountable, even if they resign: SEC's Clayton
Tester argued that the six-week delay in disclosure of the breach was “bizarre.” Clayton has indicated in the past that he thinks the disclosure process for companies needs some work. Market Data provided by Interactive Data (Terms & Conditions). Company fundamental data provided by Morningstar. Earnings estimates data provided by Zacks. Mutual fund and ETF data provided by Lipper.
Hackers May Have Profited From SEC Corporate Filing System Attack
Connecting decision makers to a dynamic network of information, people and ideas, Bloomberg quickly and accurately delivers business and financial information, news and insight around the world. Connecting decision makers to a dynamic network of information, people and ideas, Bloomberg quickly and accurately delivers business and financial information, news and insight around the world. The SEC discussed the 2016 hack in a lengthy statement by Clayton on the agency’s cybersecurity efforts. While the SEC handles non-public drafts of rules and personally-identifiable information, it said it doesn’t believe the breach led to unauthorized access of that type of data, endangered the operations of the agency, or resulted in “systemic risk.” Still, Wednesday’s disclosure may heighten concerns around the Consolidated Audit Trail, an enormous database of equity trades that is being built to give regulators better transparency into markets and help them figure out more quickly the causes of disruptions. The former Wall Street deals lawyer has discussed cyberrisks on multiple occasions in the context of the threats public companies face and their responsibilities to protect themselves.
Lawmakers Criticize SEC Chairman Over Handling of Hack
WASHINGTON—U.S. senators, already facing distress calls from constituents over the Equifax Inc. hack, criticized the Securities and Exchange Commission’s new leader for how the agency handled a 2016 breach of its cornerstone system for storing market-moving information. “I was disturbed to learn that the SEC suffered a cyberbreach of its Edgar system in 2016, but did not notify the public, or even all of its commissioners, until it was discovered during your recent review,” Sen. Mike Crapo (R., Idaho), chairman of the...
SEC Chair Jay Clayton Testifies Oversight Hearing, Sep 26 2017
Securities and Exchange Commission (SEC) Chair Jay Clayton testified before the Senate Banking Committee on the priorities and agenda of his agency.… read more SEC Oversight Securities and Exchange Commission (SEC) Chair Jay Clayton testified before the Senate Banking Committee on the priorities and agenda of his agency. Chair Clayton addressed the 2016 SEC data breach saying he became aware of the attack in August 2017 and has since ordered an investigation by the agency’s inspector general. Republican and Democratic committee members voiced their concerns about the SEC’s failure to disclose the security breach more quickly. The hearing also focused on the recent data breach of Equifax, a credit reporting firm, which impacted an estimated 143 million Americans. close
Trying to Stem Fallout From Breach, Equifax Replaces C.E.O.
The roster of possible replacements had been depleted by the fallout from the cyberattack, which had compromised the personal information of much of the adult population of the United States. Three of the company’s senior executives, including the head of its largest division and the chief financial officer, are under scrutiny for selling stock after the breach was discovered but before it had been disclosed to the public. Smith retired, the board took an unusual step that reflected the damage from the breach. Half of the 10 outside board members are past or present fixtures of the Atlanta business community. Smith agreed that Equifax can decide at a later date on the specific terms of his departure, based on the findings of the special committee.
Trying to Stem Fallout From Breach, Equifax Replaces C.E.O.
The roster of possible replacements had been depleted by the fallout from the cyberattack, which had compromised the personal information of much of the adult population of the United States. Three of the company’s senior executives, including the head of its largest division and the chief financial officer, are under scrutiny for selling stock after the breach was discovered but before it had been disclosed to the public. Smith retired, the board took an unusual step that reflected the damage from the breach. Half of the 10 outside board members are past or present fixtures of the Atlanta business community. Smith agreed that Equifax can decide at a later date on the specific terms of his departure, based on the findings of the special committee.
Equifax CEO Richard Smith is out after stunning data breach
An Equifax spokeswoman said Smith is still scheduled to testify before the Senate Banking Committee on October 4. Equifax learned of the hack in late July but only disclosed it September 7. Equifax said he agreed to serve as an "unpaid adviser" to assist in the CEO transition. "Speaking for everyone on the Board, I sincerely apologize." Equifax said it has launched a search for a new CEO to guide it through what is likely to be a turbulent period. In the meantime, the company has tapped Paulino do Rego Barros Jr., an executive from its Asia Pacific division, to serve as interim CEO.
Equifax Says Departing CEO Won’t Get $5.2 Million in Severance Pay
Richard Smith won’t get any severance pay as he steps down as chief executive of beleaguered Equifax Inc., but is likely to receive an estimated $18.4 million in pension benefits, a company spokesman said Tuesday. Equifax on Tuesday announced that Mr. Smith was stepping down as both chairman and chief executive of the company just weeks after it disclosed a massive data breach. He had helmed the credit-reporting company for 12...
All the Ways Equifax Epically Bungled Its Breach Response
The breach of the credit monitoring firm Equifax, which exposed extensive personal data for 143 million people, is the worst corporate data breach to date. In the weeks since Equifax disclosed the breach, the company's official Twitter account has mistakenly tweeted a phishing link four times, instead of the company's actual breach response page. The technical details are still murky, but the incidents in March raise new questions about whether Equifax executives who sold almost $2 million in company stock in early August were aware of the breach when they unloaded the assets. But the company also acknowledged that it knew about the patch when it was first released, and had actually attempted to apply it to all its systems. "You’d think a company like that, guarding what they’re guarding, would have a heightened sense of awareness and that clearly was not the case." 'When your social media profile is tweeting out a phishing link, that's bad news bears.' —Michael Borohovski, Tinfoil Security Many experts note that this Equifax breach could represent a turning point in how institutions handle personal data.
Equifax CEO departs, forgoes bonus after massive data breach
Some observers said the move was a positive first step, though several U.S. senators looking into the cyber attack said the departure failed to remedy damage to the up to 143 million Americans whose data was compromised. Some corporate governance experts said the board’s probe into the attack could lead to more changes at the helm of the company. Maybe someone on the board needs to be removed,” said Brent Longnecker, head of compensation and corporate-governance consulting firm Longnecker & Associates. Democratic Senator Mark Warner said at a Senate hearing on Tuesday that the situation at Equifax was a “travesty” and Smith’s departure did not do enough to remedy the harm suffered by consumers.
Equifax CEO Steps Down In The Wake Of Major Hack
Richard Smith, the CEO of credit monitoring company Equifax Inc., announced his retirement on Tuesday effective immediately, the firm said in a statement. Earlier this month, the company said it had been hacked, putting the private information of 143 million Americans at risk ― including names, birthdays, addresses and Social Security numbers, in many cases. Smith is set to testify at a Senate Banking Committee next month. Paulino do Rego Barros Jr., head of the firm’s Asia Pacific region, will lead as interim CEO, according to Tuesday’s statement. Smith will serve as an unpaid adviser to assist in the transition.
SEC Discloses Edgar Corporate Filing System Was Hacked in 2016
WASHINGTON—The top U.S. markets regulator disclosed Wednesday that hackers penetrated its electronic system for storing public-company filings last year and may have traded on the information. The Securities and Exchange Commission’s chairman, Jay Clayton, revealed the breach in an unusual and lengthy statement issued Wednesday evening that didn’t provide many details about the intrusion, including the extent of any illegal trading....
Lawmakers Criticize SEC Chairman Over Handling of Hack
WASHINGTON—U.S. senators, already facing distress calls from constituents over the Equifax Inc. hack, criticized the Securities and Exchange Commission’s new leader for how the agency handled a 2016 breach of its cornerstone system for storing market-moving information. “I was disturbed to learn that the SEC suffered a cyberbreach of its Edgar system in 2016, but did not notify the public, or even all of its commissioners, until it was discovered during your recent review,” Sen. Mike Crapo (R., Idaho), chairman of the...
SEC Discloses Edgar Corporate Filing System Was Hacked in 2016
WASHINGTON—The top U.S. markets regulator disclosed Wednesday that hackers penetrated its electronic system for storing public-company filings last year and may have traded on the information. The Securities and Exchange Commission’s chairman, Jay Clayton, revealed the breach in an unusual and lengthy statement issued Wednesday evening that didn’t provide many details about the intrusion, including the extent of any illegal trading....
U.S. SEC says hackers may have traded using stolen insider information
The Securities and Exchange Commission (SEC) said the hack occurred in 2016 but that it had only discovered last month that the cyber criminals may have used the information to make illicit trades. The hackers exploited a software glitch in the test filing component of the system to gain access to non-public information, the agency said. The 27-page report by the Government Accountability Office found the SEC did not always fully encrypt sensitive information, used unsupported software, failed to fully implement an intrusion detection system and made missteps in how it configured its firewalls, among other things. Cyber criminals have targeted financial information hubs before -- the Hong Kong stock exchange and the Nasdaq stock exchange in New York were targeted by hackers in 2011. But the breach at the SEC is particularly egregious because its new boss, Jay Clayton, has made tackling cyber crime one of the top enforcement issues during his tenure.
