Wall Street's top regulator faced questions on Thursday about its defenses against cyber criminals after admitting hackers breached its electronic database of corporate announcements and may have used it for insider trading.

The incursion at the Securities and Exchange Commission (SEC) struck at the heart of the U.S. financial system. The SEC's EDGAR filing system is the central repository for market-moving information on corporate America with millions of filings ranging from quarterly earnings to statements on acquisitions.

Accessing documents before they are released publicly would offer hackers a lucrative opportunity to trade on that information.

The SEC said late on Wednesday that a hack occurred in 2016 but it had only discovered last month that the cyber criminals may have used the information to make illicit trades.

SEC Chairman Jay Clayton gave members of Congress a "courtesy call" about the hack late on Wednesday afternoon, said Rep. Bill Huizenga, chairman of the House subcommittee on Capital Markets, Securities, and Investment, which oversees the SEC.

"I’m glad that Jay Clayton has decided to acknowledge this and release it, warts and all,” Huizenga said.

"It’s hugely problematic and we’ve got to be serious about how we protect that information as a regulator. I’m hoping that this leads to some vast improvements and an uptick in the vigilance that all the regulators are going to have with information that’s coming to them.”

The disclosure has rattled investors' faith in the security of their data. It comes two weeks after credit-reporting company Equifax said hackers had stolen data on more than 143 million U.S. customers, and in the wake of last year's cyber attack on SWIFT, the global bank messaging system.

It is particularly embarrassing for the SEC and its new boss Clayton, who has made tackling cyber crime one of the top enforcement issues during his tenure.

“The chairman obviously recognizes the irony of the SEC potentially serving as the unwitting tipper in an insider trading scheme," said John Reed Stark, a former SEC staff member and cyber expert.

First « 1 2 » Next