Tech Talk: That CANT Be True!
 | Author:
Victor Sample
Vic Sample: MT43 News Treasurer |
That CANT Be True!
Victor Sample
As I have mentioned many times, every weekday morning I receive a tech newsletter. This morning I read a headline that I thought “That just can’t be true”.
It was true!
A while ago, the Securities Exchange Commission (SEC) issued a new regulation: any company that has been hacked must make a public report about the security breach; what data was compromised, what effect it might have and what they have done about the breach.
A hacker group successfully gained access to an SEC-regulated company. They did NOT encrypt the company's files and hold them for ransom. Instead, they tried to extort the company by threatening to release confidential information from the files they hacked.
The hackers usually send an email to the company they hacked demanding an amount of ransom; they usually consider it the start of negotiations. The hackers then settle on an amount; the company pays and life goes on.
In this case, the company did not respond to the ransom demand; but, they also did not report that they had been hacked.
The hacker group filed a complaint with the SEC that the company had been hacked and did not comply with the new regulation!
The hackers actually have a website and posted a picture of the complaint they filed.
Apparently, the hacker group was not aware that the new regulation did not actually go into effect until December 15, 2023; so the company is not actually in violation of the SEC rules.
I can’t believe that hackers are now resorting to filing complaints with a federal agency because someone did not respond to their extortion efforts.
But it is true!
By the way, for those of you wondering, filing a complaint with the SEC did not reveal any information useful in identifying who the hackers are or where to find them.
