SEC Statement on the Hack of Its X Account and the Resulting Fake Bitcoin ETF Approval Announcement

The regulator also provided a timeline of the events in question.

AccessTimeIconJan 13, 2024 at 12:36 a.m. UTC
Updated Mar 8, 2024 at 7:57 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

The U.S. Securities and Exchange Commission released this statement in response to the hack of its X account that led to a fake announcement being issued in the SEC's name saying the regulator had a approved a spot bitcoin exchange-traded fund:

Based on current information, staff understands that, shortly after 4:00 pm ET on Tuesday, January 9, 2024, an unauthorized party gained access to the @SECGov account by obtaining control over the phone number associated with the account. The unauthorized party made one post at 4:11 pm ET purporting to announce the Commission’s approval of spot bitcoin exchange-traded funds, as well as a second post approximately two minutes later that said “$BTC.” The unauthorized party subsequently deleted the second post, but not the first. Using the @SECGov account, the unauthorized party also liked two posts by non-SEC accounts. While SEC staff is still assessing the scope of the incident, there is currently no evidence that the unauthorized party gained access to SEC systems, data, devices, or other social media accounts.

  • Running With Crypto: 5 Questions With TRM Labs' Ari Redbord
    Running With Crypto: 5 Questions With TRM Labs' Ari Redbord
  • Hacks Involving North Korea Are 'Even Greater Problem': Legal Experts
    Hacks Involving North Korea Are 'Even Greater Problem': Legal Experts
  • Breaking Down the State of Hacking in 2024
    Breaking Down the State of Hacking in 2024
  • Crypto Hack Volumes Fell by More Than 50% in 2023: TRM Labs
    Crypto Hack Volumes Fell by More Than 50% in 2023: TRM Labs
  • Upon becoming aware of the incident, staff in the Office of Public Affairs posted to the official @garygensler account at 4:26 pm ET, alerting the public that the @SECGov account had been compromised, an unauthorized post was made, and the Commission had not approved the listing and trading of spot bitcoin exchange-traded products. Staff deleted the first unauthorized post on the @SECGov account, un-liked the two liked posts, and, at 4:42 pm ET, made a new post on the @SECGov account stating that the account had been compromised. Staff also reached out to for assistance in terminating the unauthorized access to the @SECGov account. Based on information currently available, staff believe that the unauthorized access to the account was terminated between 4:40 pm ET and 5:30 pm ET.

    The SEC takes its cybersecurity obligations seriously. Commission staff are still assessing the impacts of this incident on the agency, investors, and the marketplace but recognize that those impacts include concerns about the security of the SEC’s social media accounts. The staff also will continue to assess whether additional remedial measures are warranted.

    Staff are coordinating with appropriate law enforcement and federal oversight entities, including the SEC’s Office of Inspector General, the Federal Bureau of Investigation, and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, amongst others, in their investigations. The agency will provide updates on the incident as appropriate. Importantly, the Commission makes its actions public on the Commission’s website, The Commission does not use social media channels to make its actions public; social media posts only amplify announcements that are made on our website.


    Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

    CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

    Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to to register and buy your pass now.

    Read more about