SEC Twitter Account Hacked Using SIM Swapping Technique: A Detailed Account

The US Securities and Exchange Commission (SEC) recently fell victim to a cyber attack when hackers employed a SIM swapping technique to gain control over its social media account. This article provides a comprehensive overview of the hack, including the events leading up to it, the methods employed by the hackers, the response from the SEC, and the ongoing investigation.

The Hacked Announcement

On January 9, a tweet from the @SECGov Twitter account announced the approval of a highly anticipated bitcoin exchange-traded fund (ETF). However, SEC Chairman Gary Gensler promptly responded on his personal account, confirming that the SEC’s account had been compromised and that the announcement was false.

Timeline of the Hack

The unauthorized access to the SEC’s Twitter account occurred shortly after 4:00 pm ET on January 9th. Upon identifying the incident, the SEC staff took immediate action by deleting the hackers’ post, acknowledging the breach, and contacting Twitter (formerly known as X) to terminate the unauthorized access.

SIM Swapping Method Used

In a Monday update, the SEC disclosed that the hackers employed a SIM swapping technique to gain control over the @SECGov account. The attackers manipulated the telecom carrier into transferring the phone number associated with the account to a SIM card in their possession. With the compromised phone number, the hackers were able to reset the password for the Twitter account.

Disabled Multi-Factor Authentication (MFA)

Investigations into the incident revealed that multi-factor authentication (MFA) had been disabled for the @SECGov account by X support since July 2023. It was disabled due to previous issues faced by SEC staff in accessing the account. The lack of MFA became a vulnerability exploited by the hackers during the attack.

The SEC emphasized that the hack did not occur through its own systems, and there is no evidence to suggest that the attackers gained access to SEC systems, data, devices, or any other social media accounts. This indicates that the breach was limited to the Twitter account and did not compromise the agency’s internal network.

Collaboration with Law Enforcement

Immediately following the incident, the SEC contacted law enforcement and has been fully cooperating in the ongoing investigation. The authorities are working to determine how the unauthorized party convinced the telecom carrier to change the SIM associated with the account and how they obtained knowledge of the associated phone number.

Investigation Focus

The primary focus of the investigation is to uncover the methods employed by the hackers to manipulate the telecom carrier and change the SIM card linked to the SEC’s Twitter account. Additionally, investigators are working to determine how the attackers were able to identify the specific phone number associated with the account.

The recent hacking of the SEC’s Twitter account using the SIM swapping technique highlights the growing sophistication of cybercriminals and the need for stringent cybersecurity measures. Despite the breach, the SEC has confirmed that its internal systems and data remain secure. The incident serves as a reminder for organizations to prioritize the protection of their social media accounts, even if they are not directly linked to their internal networks. By collaborating with law enforcement and taking appropriate actions, the SEC is actively working to identify and bring the hackers to justice.

Explore more

Compliance Drives Regulated B2B Influencer Marketing in 2026

The shifting landscape of digital authority has fundamentally transformed how enterprise-level organizations engage with industry experts and thought leaders across global markets. As the professional world moves deeper into this period of technological saturation, the superficial tactics of the past have been replaced by a rigorous commitment to transparency and legal precision. In earlier years, the simple inclusion of a

Transforming Voice of the Customer Into Predictive Action

Corporate boardrooms often overflow with real-time dashboards and complex analytics, yet many organizations still find themselves blindsided by sudden shifts in customer loyalty and market demand. While the technology to capture feedback has become ubiquitous, the structural ability to interpret and act upon that data in a meaningful timeframe remains remarkably rare for the average enterprise. Most traditional systems are

How Will Databricks CustomerLake Redefine Agentic Marketing?

The ongoing evolution of the digital landscape has forced a radical reconsideration of how enterprises capture, process, and ultimately utilize the vast oceans of consumer data generated every second of the day. Modern marketing departments have long struggled with the paradox of having too much information but not enough actionable insight to drive meaningful consumer interactions in real time. The

How Can Small Banks Compete With Global Financial Giants?

Nikolai Braiden has seen the evolution of financial architecture from its early blockchain roots to the current wave of institutional modernization, and today he joins us to dissect a pivotal shift in venture capital. With BankTech Ventures recently deploying $15 million into AI and stablecoin solutions, the landscape for regional banking is undergoing a profound transformation. Braiden’s perspective as an

Bullski Presale Tops the List of Best Meme Coins for 2026

The current cryptocurrency market in 2026 has transitioned into a highly sophisticated arena where institutional standards and community-driven viral momentum converge to create unique financial opportunities. Investors are no longer satisfied with speculative assets lacking fundamental safeguards, leading to a significant shift toward projects that prioritize technical transparency and structured growth. In this evolving landscape, the Bullski presale has emerged