Sources say workers involved are being disciplined
With the myriad high-profile hacks and attacks on government and corporate computer systems around the world, it’s easy to believe that the U.S. federal government and its many arms would do all they can to keep its networks secure. However, that is not always the case.
Reuters reports that workers at the U.S. Securities and Exchange Commission failed to encrypt some of their computers that contained highly sensitive information from stock exchanges. The failure to encrypt the information left data vulnerable to cyber attacks according to people familiar with the situation.
The computers left unencrypted reportedly belonged to a small number of employees in an office within the SEC Trading and Markets Division. That particular division is tasked with ensuring that various stock exchanges follow guidelines to protect the markets for potential cyber threats and system problems.
That makes it incredibly ironic that the employees tasked with ensuring systems are protected from cyber threats would leave their own computers unprotected.
Some of the staffers are known to have taken the unprotected computers to a Black Hat convention where computer hackers gather. There is no clear indication of why the staffers would have taken unencrypted and unprotected computers into the hackers den.
The SEC insists that no data was breached from the insecure computer systems. However, the SEC was forced to spend around $200,000 to hire a third-party firm to conduct a thorough analysis to come to that conclusion.