The Cyber Express reports:
The U.S. Securities and Exchange Commission (SEC) has officially confirmed a cyberattack on its X account, revealing that the breach was a result of a SIM-swapping attack on the cell phone number associated with the account.
The incident of the SEC X account hacked, which occurred on January 9, 2024, initially involved the dissemination of a false announcement suggesting the SEC’s approval of spot bitcoin Exchange-Traded Funds (ETFs), causing widespread misinformation.
More than 10 days after the breach, the SEC has released an official statement detailing the nature of the attack. The unauthorized party gained control of the SEC cell phone number associated with the SEC X account through a SIM swap attack, a technique used to transfer a person’s phone number to another device without authorization.
Read more at The Cyber Express.