mailing list archives
SEC left stocks data vulnerable to hackers: Report
From: security curmudgeon <jericho () attrition org>
Date: Sat, 10 Nov 2012 22:11:55 -0600 (CST)
---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>
November 9, 2012
WASHINGTON -- Securities and Exchange Commission staffers left
highly-sensitive information from stock exchanges open to hacking and
cyber-attacks because they didn't adequately protect the security of some
computers and other electronic devices, according to Reuters, citing
people familiar with what happened.
The new agency's sources added that there were no signs that any hacking
or spying occurred.
The devices "belonged to a handful of employees in an office within the
SEC's Trading and Markets Division. That office is responsible for making
sure exchanges follow certain guidelines to protect the markets from
potential cyber threats and systems problems," Reuters says.
Some of them even brought the devices to a Black Hat conference, where
experts get together to talk about the latest trends in hacking. It wasn't
clear why the staffers did that, Reuters says.
The lapses are spelled out in a report that SEC Interim Inspector General
Jon Rymer hasn't released yet, Reuters reports.
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list
Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.
- SEC left stocks data vulnerable to hackers: Report security curmudgeon (Nov 12)