SEC Comments on Hack of Its X Account and Resulting Fake Bitcoin ETF Approval Announcement

The U.S. Securities and Exchange Commission said Friday its systems and devices were not breached by the party responsible for tweeting out a fake bitcoin ETF approval announcement earlier this week.

On Tuesday, the SEC's official X (formerly Twitter) account, @SECgov, tweeted that the agency had approved a number of spot bitcoin exchange-traded fund (ETF) applications to begin trading, a message that was ultimately shown to be faked by someone who was able to gain access to the account through the phone number associated with it. On Friday, the SEC statement provided a timeline of events on Tuesday, saying the first "unauthorized post" came at 4:11 p.m. ET (21:11 UTC), and SEC Chair Gary Gensler published his clarification 15 minutes later.

The statement suggested that SEC staff never lost access to the account, saying they had deleted the fake post, un-liked some other bitcoin-related tweets and shared an update on the main SECgov account within 30 minutes.

"Staff also reached out to X.com for assistance in terminating the unauthorized access to the @SECGov account. Based on information currently available, staff believe that the unauthorized access to the account was terminated between 4:40 pm ET and 5:30 pm ET," the statement said.

An SEC spokesperson said on Wednesday that the FBI was investigating the issue, adding that the SEC did not draft the message (dispelling rumors that the fake approval notice was an already planned announcement that was released prematurely). Friday's statement added that the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) are also investigating.

On Wednesday, the SEC did approve nearly a dozen bitcoin ETF applications, which began trading a day later.

The hack alarmed a number of lawmakers, who publicly demanded answers about how it happened. Senators Ron Wyden (D-Ore.) and Cynthia Lummis (R-Wyo.) published a letter on Thursday asking that SEC Inspector General Deborah Jeffrey's office open an investigation into the hack "and the SEC's apparent failure to follow cybersecurity best practices."

Future hacks could harm public markets and their stability, the letter said.

The letter followed Senators J.D. Vance (R-Ohio) and Thom Tillis (R-N.C.), who similarly asked Gensler to brief their teams on a number of questions around the hack and the SEC's decision-making on bitcoin ETFs, including how the SEC "plan[s] to rectify any financial losses borne by investors as a result of the errant announcement."

"The SEC takes its cybersecurity obligations seriously. Commission staff are still assessing the impacts of this incident on the agency, investors, and the marketplace but recognize that those impacts include concerns about the security of the SEC’s social media accounts. The staff also will continue to assess whether additional remedial measures are warranted," the SEC's statement on Friday said.