Hackers Breached the SEC and Profited Off Pre-Public Information

September 22nd, 2017

 

The SEC has reported that the EDGAR system was hacked by nefarious actors in 2016, and they were able to access companies’ financial disclosures before they were released publicly.  Although the SEC was able to patch the breach in their security systems and protocols fairly quickly, Chairman Jay Clayton admitted “that some may have used it to make illegal profits.”

You can read more here, here, and here.

Coming on the heels of the massive data breach at Equifax earlier this month, this news might rattle the cages of security-conscious public companies.  In his statement on the incident, Clayton also made clear that the SEC is “continuing to investigate the breach and its possible consequences,” and it seems likely that the SEC will be making inquiries regarding the path that pre-public financial information takes as it wends from the companies themselves, through the filing agents, and finally to the SEC.

As Reuters states in their article on the hack, “Cyber criminals have targeted financial information hubs before — the Hong Kong stock exchange and the Nasdaq stock exchange in New York were targeted by hackers in 2011.”  Hackers and cyber thieves see considerable money to be made accessing pre-public information, and they have proven as much by targeting stock exchanges and now even the SEC.

This is why RDG has always made the security of our clients’ pre-public information our highest priority.

RDG is proud of the fact that we do not send any of our clients’ documents overseas to be converted.  We also take pride in the fact that all our staff is US-based, as this is a central aspect of our commitment to both data security and customer service.  Another important part of our commitment to both data security and quality is the fact that all our EDGAR conversion and XBRL tagging software is proprietary.  We have built all our own tools for maximum security and quality, and we maintain all our tools and data on our own SSAE16 certified secure servers, which are located in a world-class co-location facility with redundant storage capacity, multiple back-ups for power, dual and backup internet connections, and full hardware redundancy.

We encourage public companies to ask their SEC filing agent some very important questions:

  • Do you send any part of my documents to a 3rd party for EDGAR conversion or XBRL tagging?
  • Do you send any part of my documents overseas for EDGAR conversion or XBRL tagging?
  • Are all of your employees US-based?
  • What are your security protocols and procedures?

Please contact us if you have any questions about the hack of the SEC or about RDG’s service.

We will be looking forward to hearing from you. Get in touch with us anytime!

Stewart Walker

415.643.6017

Tags: , ,