Securities and Exchange Commission (“SEC”) Chairman Jay Clayton has announced that the agency’s computers were breached in 2016, possibly causing private information in its Electronic Data Gathering And Retrieval (“EDGAR”) filing system to be used for making illegal trades. In a statement issued on Wednesday, Clayton said an investigation is underway, but the SEC believes the security breach did not create unauthorized access to personally identifiable information, endanger the market regulator’s operations, or lead to systemic risk.
Aside from stating that it detected the breach last year, the SEC has provided few details. The SEC did note that it realized last month that confidential information could have been used for making trades. Additionally, the SEC blamed the breach on a software vulnerability one of EDGAR’s test filing components, but the flaw was fixed shortly after its discovery.