clock menu more-arrow no yes mobile

Filed under:

SEC staffers bring computers with sensitive, unencrypted data to Black Hat hacker conference

New, 33 comments

In the face of a growing number of cyberattacks on businesses and government agencies, the White House is drafting an executive order on cybersecurity following Congress’s failure to pass similar legislation earlier this year. Not everyone in government is taking the threat so seriously, however. Reuters is reporting that several staffers at the Securities and Exchange Commission’s Trading and Markets Division left their agency-issued computers’ hard drives unencrypted — drives that contain highly sensitive information on stock exchanges such as details of the system's infrastructure. According to reports, in an extreme effort to tempt fate, some of the employees also brought these same computers to the Black Hat security conference, but the SEC says there is no evidence that any data was compromised.

The employees face disciplinary action

While there may not have been a breach, coming to that conclusion reportedly didn’t come cheap. Citing an unnamed source, Reuters reports that the SEC paid a third-party firm "at least $200,000" to analyze whether anyone had gained unauthorized access. Disciplinary action has reportedly been initiated against the employees involved, but we'll have to wait for other details until the upcoming report on the incident from the SEC’s Interim Inspector General, Jon Rymer.