The cryptocurrency community was recently stirred by a hack of the SEC’s Twitter account, which falsely announced the approval of a Bitcoin ETF. SEC Chairman Gary Gensler confirmed the unauthorized access occurred on January 10, 2024, around 00:03 Turkey time, when a hacker took control of the related phone number and tweeted the false approval at 16:11.
A subsequent tweet at 00:08 contained only the word “BTC.” While the second post was deleted, the initial announcement remained online. The SEC assured that there were no signs of the hacker accessing other SEC systems, data, devices, or social media accounts.
The SEC’s Public Relations Office quickly responded, warning the public of the danger within 20 minutes via a tweet from Gensler’s official account, clarifying that the Commission had not approved any spot bitcoin exchange-traded products. The official SEC account @SECGov confirmed the breach at 00:42 and sought assistance from X.com to terminate unauthorized access, which was successfully done approximately four hours later.
Recognizing the severity of the incident, the SEC emphasized its commitment to cybersecurity obligations. The staff continues to evaluate the incident’s impact on the SEC, investors, and markets, with a focus on the security of the SEC’s social media accounts. Ongoing assessments will determine if additional corrective measures are necessary.
In response to the hack, SEC personnel are coordinating with law enforcement and federal oversight agencies, including the FBI and the Cybersecurity and Infrastructure Security Agency. These joint efforts aim to thoroughly investigate the hack. The SEC will provide updates on the incident as deemed appropriate and prefers to announce actions only through its official website, using social media channels to reinforce website announcements.
