Intercontinental Exchange, Inc., which owns the New York Stock Exchange, agreed to pay $10 million to settle Securities and Exchange Commission allegations that the exchange giant failed to immediately tell the SEC about a hack of its systems in 2021.
The SEC said that in April 2021 ICE learned that its virtual private network had been hacked by a “threat actor.” ICE did not alert the legal and compliance staff at its subsidiaries, which include many of the world’s largest trading platforms, for several days, according to the SEC. The agency’s rules require ICE to immediately tell SEC staff about such incidents.
“This settlement involves an unsuccessful attempt to access our network more than three years ago,” ICE, which did not admit to or deny the SEC’s findings, said in a statement. “The failed incursion had zero impact on market operations. At issue was the time frame for reporting this type of event under Regulation SCI,” the company added, referring to the SEC rule that covers such reporting.
After investigating the issue, ICE found that the intrusion was limited and did not pose a major risk, according to the SEC.
“When it comes to cybersecurity, especially events at critical market intermediaries, every second counts and four days can be an eternity,” SEC enforcement chief Gurbir Grewal said in a statement. “Today’s order and penalty not only reflect the seriousness of the respondents’ violations, but also that several of them have been the subject of a number of prior SEC enforcement actions.”
Top photo: Pedestrians walk along Wall Street near the New York Stock Exchange (NYSE) in New York, US, on Thursday, May 16, 2024. The Dow Jones Industrial Average eclipsed 40,000 for the first time on Thursday as investors grow confident that the stock market rally can keep running on hopes the Federal Reserve will start cutting interest rates later this year. Photographer: Alex Kent/Bloomberg.
Was this article valuable?
Here are more articles you may enjoy.