TheCorporateCounsel.net

November 6, 2024

Cybersecurity: Arrest Made in Hack of SEC’s X Account!

Remember when the SEC’s X account was hacked earlier this year? A political circus ensued, and it eventually came out that the SEC hadn’t enabled two-factor authentication, which left its account vulnerable to a SIM swap scheme.

We hadn’t heard much more about the incident since January, but the wheels of justice have been turning. Last month, the DOJ announced the arrest of a 25-year-old Alabama man, who allegedly conspired with others. Here’s how the government says the crime happened:

As described in the indictment, Council, who used online monikers including “Ronin,” “Easymunny,” and “AGiantSchnauzer,” received personal identifying information (PII) and an identification card template containing a victim’s name and photo from co-conspirators. Council then used his identification card printer to create a fake ID with the information. Council proceeded to obtain a SIM card linked to the victim’s phone line by presenting the fake ID at a cell phone provider store in Huntsville, Alabama. He then purchased a new iPhone in cash and used the two items to obtained access codes to the @SECGov X account. Council shared those codes with members of the conspiracy, who then accessed the account – and issued the fraudulent tweet on the @SECGov X account in the name of the SEC Chairman, falsely announcing the SEC’s approval of BTC ETFs. Council received BTC payment for performing the successful SIM swap. Shortly after, Council drove to Birmingham, Alabama to return the iPhone used in the SIM swap for cash.

He later conducted internet searches for “SECGOV hack,” “telegram sim swap,” “how can I know for sure if I am being investigated by the FBI,” and “What are the signs that you are under investigation by law enforcement or the FBI even if you have not been contacted by them.”

Here’s the indictment with more details. The investigation is ongoing. So, the allegations haven’t been proven. And there may be more individuals who eventually face charges….

Liz Dunshee