SEC’s X account fell victim to SIM swap attack

The SEC’s X attack happened after the agency disabled two-factor authentication in July 2023

by Katherine Ross /
article-image

Artwork by Crystal Le

share

The US Securities and Exchange Commission admitted that the two-factor authentication on its X account had been disabled since July 2023. 

The SEC’s official X account was compromised earlier this month. An unauthorized person was able to not only access the account itself, but made a fake post announcing the approval of spot bitcoin ETFs. 

The post was left up on the account for roughly 15 minutes before Chair Gary Gensler took to his own account to announce that the SEC’s had been compromised. 

In a follow up statement detailing what happened, the SEC said that X support asked the regulatory agency to disable the multi-factor authentication after the agency had difficulty accessing the account. 

Read more: ‘A real low point’: Congressman calls out SEC bitcoin ETF drama during House hearing

“MFA remained disabled until staff re-enabled it after the account was compromised on Jan. 9. MFA currently is enabled for all SEC social media accounts that offer it,” the statement said. 

The hacker was able to access the account through a SIM swap, which is when a phone number is transferred to another device without authorization. 

“Access to the phone number occurred via the telecom carrier, not via SEC systems. SEC staff have not identified any evidence that the unauthorized party gained access to SEC systems, data, devices or other social media accounts,” the SEC said.  

Read more: SEC should be held accountable for X account compromise: US senator says

The regulatory body is working with the Federal Bureau of Investigations, Homeland Security, the US Department of Justice and its own Division of Enforcement to track down the attacker. The agency previously disclosed that the FBI and Homeland Security’s cybersecurity department were involved in the investigation. 

“Among other things, law enforcement is currently investigating how the unauthorized party got the carrier to change the SIM for the account and how the party knew which phone number was associated with the account,” the statement continued.

Get the news in your inbox. Explore Blockworks newsletters:

Tags

Upcoming Events

Digital Asset Summit 2025

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy ticketslearn more

recent research

Research

by Research Team

news

article-image

DeFiSupply Shock

How Bitcoin survived a DoS attack now worth $24M

Big blockers wasted a bitcoin fortune trying to prove a point

by David Canellis /
article-image

BusinessEmpire Newsletter

Exclusive: Coinbase acquires Opyn’s leadership team

Coinbase’s newest acquisition includes the CEO and Head of Research from Opyn

by Katherine Ross /
article-image

The Breakdown

Thursday links: Time travel, anti-capitalism, ETH, pump.fun

Crypto’s highest purpose might be to make markets better by making them bigger

by Byron Gilliam /
article-image

Lightspeed NewsletterPolicy

Solana Policy Institute wants to see more equities issued onchain

The non-profit’s “Project Open” seeks to let stocks trade directly on Solana

by Jack Kubinec /
article-image

Business

Pump.fun acquires wallet tracker Kolscan

The acquisition is Pump.fun’s first, and comes just days before its planned ICO

by Katherine Ross&Jack Kubinec /
article-image

Forward Guidance NewsletterMarkets

All signs are pointing to the dollar heading lower. Will it?

As Trump’s tariff war reignites, everyone is assuming the dollar will continue its path lower. But the journey might be bumpy

by Felix Jauvin /