Learn from the social media breach at SEC
Dr. Martin Shelton
January 18, 2024
Screenshot of @SECGov’s X post describing breach of their account.
It’s the Digital Security Training team at Freedom of the Press Foundation (FPF), with security news that keeps you, your sources, and your devices safe. If someone has shared this newsletter with you, please subscribe here.
Last Tuesday, the U.S. Securities and Exchange Commission’s account on X, formerly known as Twitter, was hijacked and used to post about the approval of a Bitcoin exchange-traded fund. In a statement, X said that the account was taken over after an attacker got hold of the phone number associated with the account. Additionally, it said the account did not have two-factor authentication enabled, which could have prevented the attacker from accessing the account without the appropriate secondary credentials. This comes against the backdrop of a number of high-profile account breaches on X that involve cryptocurrency schemes, including the breach of Mandiant, a prominent cybersecurity outfit owned by Google. Read more about the SEC breach here.
Threats to press freedom around the world are at an all-time high. Sign up to stay up to date and take action to protect journalists and whistleblowers everywhere.
Thanks for signing up for our newsletter. You are not yet subscribed! Please check your email for a message asking you to confirm your subscription.
We are always ready to assist journalists with digital security concerns. Reach out here, and stay safe and secure out there.
Best,
Martin