Threat Management, Incident Response, Network Security, TDR, Threat Management

SEC asks firms for data breach details linked to insider trading

The Securities and Exchange Commission (SEC) is asking hacked firms to provide details on their breaches in which hackers may have stolen emails to use for insider trading. Experts believe the investigation inquiry was prompted by a FireEye report about a sophisticated hacking group dubbed “FIN4.”

The hacking collective used spear phishing tactics and targeted healthcare and pharmaceutical companies because the volatility of their stock value makes them potentially more profitable, according to report.

John Reed Stark, former head of internet enforcement at the SEC, told Reuters in an exclusive report that this an “absolute first” for the SEC to ask companies to disclose information concerning breaches. Stark explained that the SEC is interested because “failures in cybersecurity have prompted a dangerous, new method of unlawful insider trading.”

At least eight listed companies have been asked to provide details of their data breaches.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.