SEC Says SIM Swap to Blame for Breached X Account

The SEC's official X account was hijacked on Jan 9 through a SIM-swapping attack that allowed crypto-focused attackers to post a Bitcoin ETF-related message, briefly affecting Bitcoin's price. The SEC acknowledged MFA had been disabled earlier and was re-enabled after the compromise; investigations by the SEC Inspector General, FBI, DoJ, and CISA are ongoing. Analysts note SIM-swapping relies on social engineering and carrier porting procedures, making it difficult to fully mitigate.