Regulator reporting tool hacked possibly for insider trading purposes


In September 2017, the top US markets regulator disclosed that hackers had infiltrated its database that stores company financial filings which potentially allowed hackers to trade on inside information. The hackers exploited a software vulnerability in the agency’s system which “was patched promptly after discovery".

The agency confirmed they had detected the breach a year ago but did not understand the extent of the breach until a separate investigation gave cause to believe the breach may have provided the basis for illicit gain through trading.

According to the agency's chairman "We believe the intrusion did not result in unauthorized access to personally identifiable information, jeopardize the operations of the Commission, or result in systemic risk”.

The agency were criticised for their incident response and for their lax approach to security, especially given their oversight role on this topic for US regulated firms.

Book a consultation

Want to discuss this case? You can purchase a 30 minute conference call with our analysts to discuss this case and the implications it has for your organisation. Just select the time and date that works for you:


  • US Securities and Exchange Commission

We've done the analysis so you can make the decisions

When purchasing a minimum of 5 Case Studies
$699.99 if buying less than 5.

  • Detailed cause & effect analysis
  • Lessons learnt catalogued
  • Preventive controls extracted
Add to Cart
Heads up! Want to try before you buy? You can download our FREE demo case study here