According to The Wall Street Journal, news that the US Securities and Exchange Commission’s electronic filing system was hacked is raising concerns of what rogue traders may do if they gained market-moving information before the news went public. This week, the SEC disclosed that that its Electronic Data Gathering, Analysis, and Retrieval System (EDGAR), which stores public company filings, was hacked last year.
While the breach was noticed in 2016, regulators were not made aware that illicit trading could become a repercussion until last month. The majority of the commissioners reportedly didn’t know the hack had occurred until “recent days.” It wasn’t until SEC Chairman Jay Clayton launched a review of the agency’s “cybersecurity vulnerabilities” this Spring that the extent of the hack became clear.
The WSJ reports that according to market veterans, there are several ways in which intruders could trade using the nonpublic information available through Edgar. Companies usually submit earnings filings in advance of them become public knowledge and it is during this time, before market release, when a rogue trader could strike. Another potential target for hackers might be the 8-K form, used by companies to disclose big events, including acquisitions, not yet disclosed medical trials, and other potentially market moving information. 13-D filings submitted by investors with a greater than 5% position in a company—this is information that could generate investor interest—could also be a target.