[30 second read]
- On September 20th, 2017, the Securities and Exchange Commission (SEC) disclosed to the public that its databases are infiltrated.
- Impact: Hackers may have used this information to enable insider trading.
- Attack vector: Hackers exploited a software vulnerability in EDGAR system, which is used by companies to submit their financial filings online.
- The EDGAR system was promptly patched to prevent further damage.
- Such data breaches can be made difficult by always encrypting sensitive information, deploying intrusion detection systems and sanctioning unsupported software which SEC failed to implement fully.