Is The Data Breach At The SEC A Cause Of Concern To Investors

by Trefis Team
Rate   |   votes   |   Share

Recently, the Securities Exchange Commission (SEC), an independent agency which governs the securities markets, admitted that its filing system was breached and hackers might have gotten access to material non-public information allowing them to enter into profitable insider trading. All companies listed on U.S. exchanges have to regularly file important information such as material events, financial results, change in shareholding, etc. with the SEC. These filings are maintained in the EDGAR database where links are available to download the information. Anyone can access this database, search for company filings, and analyze the publicly available information. However, access to this data before it is made public will be tantamount to “insider information” and can be used for profitable insider trading.  This puts other investors in a disadvantageous position, since hackers can use the material non-public information for their benefit. The SEC has regulations in place to prevent insider trading, however if its systems are breached it exposes a huge data mine which can be used illegally for profitable trades.  Investor groups have demanded a probe into the data breach and sought an assurance that such breaches will not recur.

According to the SEC, the hackers exploited “software vulnerability in the test filing component of its EDGAR system.” This component is used by companies to “park” their announcements before they are made public, check the formatting, and get feedback from the SEC. These test filings could contain sensitive data that can impact stock prices and hence a breach in this database can give an undue advantage to hackers.  While the hacking incident took place in 2016, the SEC could establish only in August 2017 that this could have led to profitable insider trading. However the quantum of insider trading might not be significant, given that the time gap between the test filing and the information being made public would not be very long.

This incident exposes the vulnerability of SEC systems which are a repository to non-public material information such as draft listing documents (proposing a suggested market listing) and draft regulations which can have an impact on corporations. However, the SEC is investigating this issue, the existing loophole has already been plugged, and we believe a future hack is highly unlikely.

See More at Trefis | View Interactive Institutional Research (Powered by Trefis)

Get Trefis Technology

Rate   |   votes   |   Share

Comments

Name (Required)
Email (Required, but never displayed)
Be the first to comment!