WASHINGTON Securities and Exchange Commission staffers left highly-sensitive information from stock exchanges open to hacking and cyber-attacks because they didn't adequately protect the security of some computers and other electronic devices, according to Reuters, citing people familiar with what happened.
The new agency's sources added that there were no signs that any hacking or spying occurred.
The devices "belonged to a handful of employees in an office within the SEC's Trading and Markets Division. That office is responsible for making sure exchanges follow certain guidelines to protect the markets from potential cyber threats and systems problems," Reuters says.
Some of them even brought the devices to a Black Hat conference, where experts get together to talk about the latest trends in hacking. It wasn't clear why the staffers did that, Reuters says.
The lapses are spelled out in a report that SEC Interim Inspector General Jon Rymer hasn't released yet, Reuters reports.
"The revelation comes as the SEC is encouraging companies to get more serious about cyber attacks," Reuters points out. "Last year, the agency issued guidance that public companies should follow in determining when to report breaches to investors.
"Cyber security has become an even more pressing issue after high-profile companies from Lockheed Martin Corp to Bank of America Corp have fallen victim to hacking in recent years."
SEC spokesman John Nester wouldn't comment to Reuters about the report's findings. Nor would the NASDAQ.
But New York Stock Exchange spokesperson Rich Adamonis said the NYSE is "disappointed" with the SEC.
The SEC has taken disciplinary action against the staffers involved, Reuters notes.