SEC staffers leave computers open to cyber attack, report says

The agency was forced to hire a third-party firm and pay it at least $200,000 to determine if any breaches occurred.

Don Reisinger
CNET contributor Don Reisinger is a technology columnist who has covered everything from HDTVs to computers to Flowbee Haircut Systems. Besides his work with CNET, Don's work has been featured in a variety of other publications including PC World and a host of Ziff-Davis publications.
Don Reisinger
2 min read

Staffers in the SEC's Trading and Markets Division left their computers totally unprotected from possible security attacks, forcing the organization to scramble to determine if any sensitive data was stolen, Reuters reported, citing unidentified sources with knowledge of the situation.

As it turns out, the trading and markets division is charged with ensuring that markets don't fall victim to cyberattacks.

Reuters also reports that the staffers attended the annual Black Hat Conference for hackers and brought the unprotected computers with them.

Soon after the security issues were identified, the SEC hired a third-party company and paid it "at least $200,000" to determine if any breaches occurred. That firm could not find any evidence of a hack, Reuters says.

Still, the reported lapse in security underscores the growing importance of safeguarding financial-related networks. Last year, a report surfaced claiming federal authorities were investigating repeated intrusions into the Nasdaq stock exchange. Just months later, another report claimed hackers were targeting the U.S. Chamber of Commerce to peer into sensitive corporate data of member companies.

The SEC's gaffe might also underscore the growing importance on Capitol Hill of a cybersecurity order expected to be passed down by President Obama under his executive order privilege. That order would include measures that require companies and government agencies to follow stricter security guidelines. A planned vote was shot down earlier this year after Republicans derailed the idea, saying that it would place an unfair burden on companies.

CNET has contacted the SEC for comment. We will update this story when we have more information.