Regulator admits key security procedure on X account was suspended six months before it was hacked.
  • AutoTL;DR@lemmings.worldBEnglish
    8·
    5 months ago

    This is the best summary I could come up with:

    The US financial regulator has confirmed a key security procedure on its X account had been suspended for six months when hackers made a fake post about Bitcoin in January.

    The Securities and Exchange Commission (SEC) did not have multi-factor authentication (MFA) in place when hackers gained access to the account.

    "Once access was re-established, MFA remained disabled until staff re-enabled it after the account was compromised on January 9.

    Because MFA had been suspended on the account, the hacker was able to reset the password, log in and make a post.

    It announced the SEC had approved so-called exchange-traded funds (ETFs) for Bitcoin, which shot up in value to $48,000 (£37,800) before the post was withdrawn.

    It takes many forms, including having a dedicated app that gives you a pin code for a website, as well as sending a text message, though this is considered less secure.

    The original article contains 444 words, the summary contains 148 words. Saved 67%. I’m a bot and I’m open source!