On September 20, the Securities and Exchange Commission ("SEC") Commission Chairman explained that a 2016 cyber intrusion exploiting a software vulnerability may have been the basis for illicit gain through trading on nonpublic information. The Chairman later announced on October 2 that an ongoing staff investigation into the intrusion had determined that the names, dates of birth, and Social Security numbers of two individuals had been accessed by third parties. In these statements, the Chairman also addressed general collection and use of data by the Commission, incorporation of cybersecurity considerations in the SEC's disclosure-based and supervisory efforts, its coordination with other governmental entities, and general enforcement of the federal securities laws.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.