SEC’s X account fell victim to SIM swap attack

The SEC’s X attack happened after the agency disabled two-factor authentication in July 2023

by Katherine Ross /
article-image

Artwork by Crystal Le

share

The US Securities and Exchange Commission admitted that the two-factor authentication on its X account had been disabled since July 2023. 

The SEC’s official X account was compromised earlier this month. An unauthorized person was able to not only access the account itself, but made a fake post announcing the approval of spot bitcoin ETFs. 

The post was left up on the account for roughly 15 minutes before Chair Gary Gensler took to his own account to announce that the SEC’s had been compromised. 

Newsletter

Subscribe to The Breakdown

In a follow up statement detailing what happened, the SEC said that X support asked the regulatory agency to disable the multi-factor authentication after the agency had difficulty accessing the account. 

Read more: ‘A real low point’: Congressman calls out SEC bitcoin ETF drama during House hearing

“MFA remained disabled until staff re-enabled it after the account was compromised on Jan. 9. MFA currently is enabled for all SEC social media accounts that offer it,” the statement said. 

The hacker was able to access the account through a SIM swap, which is when a phone number is transferred to another device without authorization. 

“Access to the phone number occurred via the telecom carrier, not via SEC systems. SEC staff have not identified any evidence that the unauthorized party gained access to SEC systems, data, devices or other social media accounts,” the SEC said.  

Read more: SEC should be held accountable for X account compromise: US senator says

The regulatory body is working with the Federal Bureau of Investigations, Homeland Security, the US Department of Justice and its own Division of Enforcement to track down the attacker. The agency previously disclosed that the FBI and Homeland Security’s cybersecurity department were involved in the investigation. 

“Among other things, law enforcement is currently investigating how the unauthorized party got the carrier to change the SIM for the account and how the party knew which phone number was associated with the account,” the statement continued.

Get the news in your inbox. Explore Blockworks newsletters:

Tags

Newsletter

The Breakdown

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Digital Asset Summit 2025

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy ticketslearn more

Permissionless IV

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

buy ticketslearn more

Permissionless IV Hackathon

Brooklyn, NY

SUN - MON, JUN. 22 - 23, 2025

Blockworks and Cracked Labs are teaming up for the third installment of the Permissionless Hackathon, happening June 22–23, 2025 in Brooklyn, NY. This is a 36-hour IRL builder sprint where developers, designers, and creatives ship real projects solving real problems across […]

learn more

recent research

Research Report Templates (8).png

Research

Solana Meta Aggregators

Meta-aggregators like Titan and Kamino Swap improve price execution for users, making the Solana swapping landscape more competitive. Jupiter has incorporated meta-aggregation features into its latest routing engine to keep users on its front end (own the user, own the flow). At large, teams are treating swaps as a commoditized complement, offering incredibly cheap or free swaps to own the end-user and increase demand for high-margin product offerings (multi-product DeFi). On another note, the divergence in the concentration of aggregator volume between DEXs suggests increased specialization at the DEX layer by asset type.

by Carlos Gonzalez Campo

/

news

article-image

Forward Guidance NewsletterMarkets

Stocks, cryptos lower following Israel strike on Iran

Investors moved to safe assets like the US dollar and gold, but bonds faltered

by Casey Wagner /
article-image

BusinessThe Drop

Coinbase unveils Amex card, Shopify integration

The Amex offers up to 4% bitcoin back, but the deal is a bit ironic considering crypto’s goals

by Kate Irwin /
article-image

0xResearch NewsletterWeb3

Why are big games building on Avalanche instead of Ethereum?

Short answer: Subnets are now cheaper to bootstrap than a Celestia rollup

by Donovan Choy /
article-image

PeopleSupply Shock

How Peter Todd stored bitcoin in his brain wallet

Few things are more cypherpunk than keeping keys in your brain wallet

by David Canellis /
article-image

FinanceLightspeed Newsletter

Beam and Braid to offer stablecoins to smaller banks

Many community banks and credit unions feel like they missed the fintech craze — and they don’t want to miss stablecoins

by Jack Kubinec /
article-image

Empire NewsletterFinance

‘There’s so much opportunity’ in crypto: BlackRock COO

BlackRock COO Rob Goldstein noted that the firm had been looking into crypto since 2017

by Katherine Ross /