The SEC posted on its X (formerly twitter) account on Tuesday that the agency has "approved the listing of bitcoin ETFs on all registered national securities exchanges" and that "approved bitcoin ETFs will be subject to ongoing oversight and compliance measures to ensure continued investment "protection."
The post received more than 35,000 likes and more than 26,000 retweets in just 18 minutes before it was deleted, and SEC Chairman Gary Gensler later declared via Explain X that the agency's account had beenhackerInvasion.
Company X's security team today confirmed that its Twitter account @SECGov has been compromised. The company has completed its initial investigation and determined that the compromise was not due to a breach of its systems, but rather to an unidentified individual taking control of X-related phone numbers. @SECGov via a third-party account.
Company X can also confirm that the account was not enabled at the time of the thefttwo-factor authentication. Two-factor authentication is an extra strong account security measure that helps protect accounts from unauthorized access.
Company X encourages all users to enable two-factor authentication. For more information on how to do this, please visit Company X's Help Center: https://help.x.com/en/safety-and-security/account-security-tips
leakparticulars
According to Company X's investigation, unidentified individuals were able to take control of the phone numbers associated with X. @SECGov through a third party account. This allowed them to reset the account's password and gain access to the account.
The account did not have two-factor authentication enabled at the time of the theft. Two-factor authentication requires the user to provide two different authentication factors in order to log into the account. This typically includes a username, password, and a one-time code from a cell phone or other security device.
Response from Company X
Company X has taken steps to protect its systems from future attacks. The company has also updated its security policy to require two-factor authentication (2FA) to be enabled for all accounts.
Users' recommendations
Company X encourages all users to take steps to protect theirAccount Security. This includes:
- Use strong passwords and change them regularly
- Enable two-factor authentication
- Monitor their account activity and note any anomalies
Users may also take the following measures to protect their personal information:
- Be cautious about sharing personal information
- Use a secure browser andcyber securityhardware
- Keep your operating system and software up to date
Original article by Chief Security Officer, if reproduced, please credit https://www.cncso.com/en/us-sec-twitter-account-hacked.html
