After hack, X claims SEC failed to use two-factor authentication | CyberScoop<\/title> <meta name=\"description\" content=\"A breach of the Securities and Exchange Commission's account on the platform formerly known as Twitter caused bitcoin prices to spike.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"After hack, X claims SEC failed to use two-factor authentication\"> <meta property=\"og:description\" content=\"A breach of the Securities and Exchange Commission's account on the platform formerly known as Twitter caused bitcoin prices to spike.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2024-01-10T22:09:00+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-4.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1281\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"eliasgroll\"> <meta name=\"twitter:card\" content=\"summary_large_image\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1701905043g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress-next\/dist\/css\/related-posts-block-styles.min.css?m=1704748048g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1704914995g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=7dab012cdc88b5676610\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/78746\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.4.2\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=78746\">\n<link rel=\"alternate\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fafter-hack-x-claims-sec-failed-to-use-two-factor-authentication%2F\">\n<link rel=\"alternate\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fafter-hack-x-claims-sec-failed-to-use-two-factor-authentication%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-78746 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"24.925742574257\">\n<div class=\"single-article__header-content\" readability=\"29.767346938776\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/news\/cybersecurity\/\"> <span>Cybersecurity<\/span> <\/a> <\/li>\n<\/ul>\n<p> A breach of the Securities and Exchange Commission’s account on the platform formerly known as Twitter caused bitcoin prices to spike. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"427\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication.jpg?resize=640%2C427&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-4.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-4.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-4.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-4.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-4.jpg?resize=1536,1025 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-4.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-4.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-4.jpg?resize=505,337 505w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-4.jpg?resize=1012,675 1012w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-4.jpg?resize=1264,843 1264w\" sizes=\"(max-width: 1012px) 100vw, 1012px\"><figcaption> In this photo illustration, a visual representation of the digital currency bitcoin is seen on January 09, 2024 in London, England. (Dan Kitwood\/Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"34.598395469561\"><body readability=\"69.864814320064\"><\/p>\n<p>The social media platform X accused the Securities and Exchange Commission of failing to implement strong security features after the agency\u2019s account on the platform was hijacked and used to falsely claim that the regulatory body had approved the trading of exchange traded funds holding bitcoin. <\/p>\n<p>In <a href=\"https:\/\/twitter.com\/Safety\/status\/1744924042681897343\">a statement<\/a> late Tuesday, the social media network formerly known as Twitter said that \u201cthe compromise was not due to any breach of X\u2019s systems, but rather due to an unidentified individual obtaining control over a phone number associated with the @SECGov account through a third party.\u201d The statement added that the SEC had failed to enable two-factor authentication for its account on X. <\/p>\n<p>On Tuesday, the SEC\u2019s official account on X <a href=\"https:\/\/cyberscoop.com\/sec-bitcoin-etf-gensler\/\">posted that the agency had approved<\/a> the trading of bitcoin ETFs, which briefly caused the price of bitcoin to jump before SEC Chair Gary Gensler said that the statement was false and was the result of the agency\u2019s account being compromised. Bitcoin investors and speculators have been eagerly awaiting the SEC\u2019s decision on whether to approve bitcoin ETFs, and on Wednesday, 24 hours after a hack resulted in a false statement about approval, the agency did in fact <a href=\"https:\/\/www.coindesk.com\/business\/2024\/01\/10\/sec-posts-order-approving-bitcoin-etfs-and-then-it-disappears-from-website\/?utm_term=organic&utm_source=twitter&utm_content=editorial&utm_medium=social&utm_campaign=coindesk_main\">greenlight bitcoin ETFs<\/a>. <\/p>\n<p>In a statement on Wednesday about the hack, a spokesperson for the SEC said that the agency \u201ccontinues to investigate the matter and is coordinating with appropriate law enforcement entities, including the SEC\u2019s Office of the Inspector General and the FBI.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>While the details of how Tuesday\u2019s attacker managed to gain control of the SEC account, the statement from X suggests that the attack may have been carried out via sim-swapping, which involves gaining control of a cellular phone number by convincing a mobile carrier to transfer a number to a sim card controlled by the attacker.<\/p>\n<p>Once the attacker controls the victim\u2019s phone number, they can use that phone number to reset the password of accounts belonging to the victim. If the victim uses the same number as their two-factor authentication, the attacker will be able to intercept two-factor codes as well. <\/p>\n<p>Sim-swapping attacks are a prolific source of account takeovers, and Tuesday\u2019s attack on the SEC\u2019s Twitter account was only novel insofar as it affected a government account and caused a sharp swing in financial markets. <\/p>\n<p>In the aftermath of Elon Musk\u2019s acquisition of Twitter, former employees <a href=\"https:\/\/cyberscoop.com\/twitter-ftc-privacy-musk\/\">have raised concerns<\/a> that widespread layoffs and employee departures has undermined security on the platform. Security researchers and telecommunication firms have urged the company for years to adopt best practices with regards to preventing sim-swapping attacks, but these warnings have fallen on deaf ears. <\/p>\n<p>\u201cThere have been security contacts at telcos trying to reach out to Twitter but everyone we (and the community) knows that worked on their security team and was responsive has quit,\u201d Allison Nixon, the chief research officer at the cybersecurity firm Unit 221B, said in an online chat, referring to the information security community. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>If the SEC had failed to enable two-factor authentication \u2014 as the statement from X claimed \u2014 the agency would be in violation of federal government guidance. A <a href=\"https:\/\/www.cisa.gov\/sites\/default\/files\/publications\/CISA_CEG_Social_Media_Account_Protection_508.pdf\">December 2021 advisory<\/a> from the Cybersecurity and Infrastructure Security Agency urges federal agencies to enforce multi-factor authentication for their social media accounts, among other actions. <\/p>\n<p>The SEC did not respond to a query from CyberScoop about whether X\u2019s description of the agency\u2019s security practices was accurate. CISA referred questions about the incident to the SEC. <\/p>\n<p><em>CyberScoop reporter AJ Vicens and FedScoop reporter Rebecca Heilweil contributed to this article. <\/em><\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"4.0080971659919\">\n<div class=\"author-card\" readability=\"14\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-1.jpg?w=640&ssl=1\" alt=\"Elias Groll\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Elias Groll<\/h4>\n<p> Elias Groll is a senior editor at CyberScoop. He has previously worked as a reporter and editor at Foreign Policy, covering technology and national security, and at the Brookings Institution, where he was the managing editor of TechStream and worked as part of the AI and Emerging Technology Initiative. He is a graduate of Harvard University, where he was the managing editor of The Harvard Crimson. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<div class=\"popular-stories__stories\">\n<div class=\"popular-stories__cards\">\n<article class=\"post-item post-item--popular-stories-cards \" readability=\"19.624324324324\">\n<figure class=\"post-item__thumbnail\"> <a class=\"post-item__thumbnail-link\" href=\"https:\/\/cyberscoop.com\/sec-cybersecurity-incidents-disclosure-rule\/\" tabindex=\"-1\"> <img data-recalc-dims=\"1\" loading=\"lazy\" width=\"515\" height=\"337\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication.webp?resize=515%2C337&ssl=1\" class=\"attachment-ratio-16-9-md size-ratio-16-9-md wp-post-image\" alt decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-5.jpg 4783w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-5.jpg?resize=300,196 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-5.jpg?resize=768,502 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-5.jpg?resize=1024,669 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-5.jpg?resize=1536,1004 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-5.jpg?resize=2048,1339 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-5.jpg?resize=600,392 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-5.jpg?resize=257,168 257w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-5.jpg?resize=515,337 515w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-5.jpg?resize=1032,675 1032w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-5.jpg?resize=1289,843 1289w\" sizes=\"auto, (max-width: 515px) 100vw, 515px\"> <\/a><figcaption class=\"screen-reader-text\"> The headquarters of the Securities and Exchange Commission is seen in Washington, D.C., on Jan. 28, 2021. (Photo by Saul Loeb \/AFP via Getty Images) <\/figcaption><\/figure>\n<header class=\"post-item__meta\" readability=\"1.6968325791855\">\n<h3 class=\"post-item__title\"> <a class=\"post-item__title-link\" href=\"https:\/\/cyberscoop.com\/sec-cybersecurity-incidents-disclosure-rule\/\"> SEC disclosure rule for \u2018material\u2019 cybersecurity incidents goes into effect <\/a> <\/h3>\n<p> The controversial rule requires publicly traded companies to report such events to the agency within four business days. <\/p>\n<div class=\"post-item__byline\"> <span class=\"post-item__author\"> <span>By <\/span> <a class=\"post-item__author-link\" href=\"https:\/\/cyberscoop.com\/author\/cvasquez\/\"> Christian Vasquez <\/a> <\/span> <\/div>\n<p> <\/header>\n<p> <\/article>\n<article class=\"post-item post-item--popular-stories-cards \">\n<figure class=\"post-item__thumbnail\"> <a class=\"post-item__thumbnail-link\" href=\"https:\/\/cyberscoop.com\/sec-sues-solarwinds-and-ciso-for-fraud\/\" tabindex=\"-1\"> <img data-recalc-dims=\"1\" loading=\"lazy\" width=\"252\" height=\"168\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-2.jpg?resize=252%2C168&ssl=1\" class=\"attachment-ratio-16-9-sm size-ratio-16-9-sm wp-post-image\" alt decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-6.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-6.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-6.jpg?resize=768,513 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-6.jpg?resize=1024,684 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-6.jpg?resize=1536,1026 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-6.jpg?resize=600,401 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-6.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-6.jpg?resize=505,337 505w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-6.jpg?resize=1011,675 1011w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-6.jpg?resize=1263,843 1263w\" sizes=\"auto, (max-width: 252px) 100vw, 252px\"> <\/a><figcaption class=\"screen-reader-text\"> The headquarters of the US Securities and Exchange Commission (SEC) is seen in Washington, DC, January 28, 2021. (SAUL LOEB\/AFP via Getty Images) <\/figcaption><\/figure>\n<header class=\"post-item__meta\">\n<h3 class=\"post-item__title\"> <a class=\"post-item__title-link\" href=\"https:\/\/cyberscoop.com\/sec-sues-solarwinds-and-ciso-for-fraud\/\"> SEC sues SolarWinds and CISO for fraud <\/a> <\/h3>\n<div class=\"post-item__byline\"> <span class=\"post-item__author\"> <span>By <\/span> <a class=\"post-item__author-link\" href=\"https:\/\/cyberscoop.com\/author\/cvasquez\/\"> Christian Vasquez <\/a> <\/span> <\/div>\n<p> <\/header>\n<p> <\/article>\n<article class=\"post-item post-item--popular-stories-cards \">\n<figure class=\"post-item__thumbnail\"> <a class=\"post-item__thumbnail-link\" href=\"https:\/\/cyberscoop.com\/cryptocurrency-sec-cybersecurity-bitcoin-regulation-enforcement\/\" tabindex=\"-1\"> <img data-recalc-dims=\"1\" loading=\"lazy\" width=\"252\" height=\"168\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-3.jpg?resize=252%2C168&ssl=1\" class=\"attachment-ratio-16-9-sm size-ratio-16-9-sm wp-post-image\" alt decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-7.jpg 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-7.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-7.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-7.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-7.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-7.jpg?resize=505,337 505w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/01\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication-7.jpg?resize=1012,675 1012w\" sizes=\"auto, (max-width: 252px) 100vw, 252px\"> <\/a><figcaption class=\"screen-reader-text\"> BUENOS AIRES, ARGENTINA \u2013 MARCH 17: Coins of Bitcoin are offered as merchandising in an exchange shop on March 17, 2022, in Buenos Aires, Argentina. (Photo by Ricardo Ceppi\/Getty Images) <\/figcaption><\/figure>\n<header class=\"post-item__meta\">\n<h3 class=\"post-item__title\"> <a class=\"post-item__title-link\" href=\"https:\/\/cyberscoop.com\/cryptocurrency-sec-cybersecurity-bitcoin-regulation-enforcement\/\"> Cryptocurrency regulators are scrambling to catch up with hackers who are swiping billions <\/a> <\/h3>\n<div class=\"post-item__byline\"> <span class=\"post-item__author\"> <span>By <\/span> <a class=\"post-item__author-link\" href=\"https:\/\/cyberscoop.com\/author\/tonya-riley\/\"> Tonya Riley <\/a> <\/span> <\/div>\n<p> <\/header>\n<p> <\/article>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>After hack, X claims SEC failed to use two-factor authentication<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1355,78,1365,1324,288,608],"tags":[1357,86,1366,1326,294,611],"class_list":["post-2338","post","type-post","status-publish","format-standard","hentry","category-bitcoin","category-cybersecurity","category-money","category-securities-and-exchange-commission-sec","category-threats","category-twitter","tag-bitcoin","tag-cybersecurity","tag-money","tag-securities-and-exchange-commission-sec","tag-threats","tag-twitter"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/bitcoin\/\" rel=\"category tag\">bitcoin<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/money\/\" rel=\"category tag\">Money<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/securities-and-exchange-commission-sec\/\" rel=\"category tag\">Securities and Exchange Commission (SEC)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/twitter\/\" rel=\"category tag\">Twitter<\/a>","tag_info":"Twitter","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/2338","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=2338"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/2338\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=2338"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=2338"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=2338"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":2338,"date":"2024-01-10T22:09:00","date_gmt":"2024-01-10T22:09:00","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=78746"},"modified":"2024-01-10T22:09:00","modified_gmt":"2024-01-10T22:09:00","slug":"after-hack-x-claims-sec-failed-to-use-two-factor-authentication","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/01\/10\/after-hack-x-claims-sec-failed-to-use-two-factor-authentication\/","title":{"rendered":"After hack, X claims SEC failed to use two-factor authentication"},"content":{"rendered":"