IE 11 is not supported. For an optimal experience visit our site on another browser.

Companies who don't stop hacks could be breaking the law, warns the SEC

NBC News Clone summarizes the latest on: Companies Who Don T Stop Hacks Could Be Breaking Law N920821 - Business and Economy | NBC News Clone. This article is rewritten and presented in a simplified tone for a better reader experience.

The FBI estimates some e-mail scams have led to $5 billion in losses since 2013.
Image: Securities and Exchange Commission; SEC
The seal of the U.S. Securities and Exchange Commission at SEC headquarters, in Washington.Andrew Harnik / AP
By Reuters

Public companies who fail to tighten their cyber security controls could be violating federal law, the U.S. Securities and Exchange Commission said on Tuesday.

The regulator's warning came in the form of a report on its investigation to assess whether nine companies that had been victims of cyber-related frauds had sufficient internal accounting controls in place as required by law.

It focused on so-called "business e-mail compromises" in which cyber criminals pose as company executives to dupe staff into sending company funds to bank accounts controlled by the hackers. The Federal Bureau of Investigation estimates such scams had led to $5 billion in losses since 2013, the SEC said.

The fraud did not include any sophisticated design, but rather used technology to detect the human vulnerabilities in the control system, the report said.

"We did not charge the nine companies we investigated, but our report emphasizes that all public companies have obligations to maintain sufficient internal accounting controls and should consider cyber threats when fulfilling those obligations," Stephanie Avakian, Co-Director of the SEC Enforcement Division, said in a statement.

The SEC did not identify the companies but said the failings of internal controls were only discovered when vendors told authorities of nonpayment on a number of outstanding invoices.

Regulators and lawmakers are increasingly focused on the risks cyber criminals pose to companies and their customers following a series of high-profile incidents. They included the theft by hackers last year at credit reference company Equifax of personal information of more than 145 million people.

Last week, Facebook said hackers stole data from 29 million Facebook accounts, adding to concerns among users and investors about the company that has been through a series of cyber scandals.

Following the Equifax breach, the SEC issued updated guidance on how and when companies should disclose cyber security risks and breaches, including potential weaknesses that have not yet been targeted by hackers but could constitute inside information.

Stay informed with daily digest and insights from NBC News Clone. We repackage top headlines for our global readers.

×
AdBlock Detected!
Please disable it to support our content.

Related Articles

Donald Trump Presidency Updates - Politics and Government | NBC News Clone | Inflation Rates 2025 Analysis - Business and Economy | NBC News Clone | Latest Vaccine Developments - Health and Medicine | NBC News Clone | Ukraine Russia Conflict Updates - World News | NBC News Clone | Openai Chatgpt News - Technology and Innovation | NBC News Clone | 2024 Paris Games Highlights - Sports and Recreation | NBC News Clone | Extreme Weather Events - Weather and Climate | NBC News Clone | Hollywood Updates - Entertainment and Celebrity | NBC News Clone | Government Transparency - Investigations and Analysis | NBC News Clone | Community Stories - Local News and Communities | NBC News Clone