U.S. SEC staffers used govn't computers for personal use - report

WASHINGTON Sat Nov 10, 2012 4:58am IST

A sign for the Securities and Exchange Commission (SEC) is pictured in the foyer of the Fort Worth Regional Office in Fort Worth, Texas June 28, 2012. REUTERS/Mike Stone/Files

A sign for the Securities and Exchange Commission (SEC) is pictured in the foyer of the Fort Worth Regional Office in Fort Worth, Texas June 28, 2012.

Credit: Reuters/Mike Stone/Files

Related Topics

Stocks

   

WASHINGTON (Reuters) - Several U.S. Securities and Exchange Commission staffers responsible for monitoring the markets and exchanges broadly misused computer equipment to download music and failed to properly safeguard sensitive information, a report has found.

In a 43-page investigative report that probed the misuse of government resources, SEC Interim Inspector General Jon Rymer discovered that an office within the SEC's Trading and Markets division spent over $1 million on unnecessary technology.

The report also found that the staffers failed to protect their computers and devices from hackers, even as they were urging exchanges and clearing agencies to do just that.

Although no breaches occurred, the staffers left sensitive stock exchange data exposed to potential cyber attacks because they failed to encrypt the devices or even install basic virus protection programs.

Reuters first reported on the unencrypted computers on Thursday, citing people familiar with the matter.

On Friday, however, Reuters reviewed a copy of the full report, which details an even broader array of problems, from misleading the SEC about the office's need to buy Apple Inc (AAPL.O) products, to cases in which staffers took iPads and laptops home and used them primarily for pursuits such as personal banking, surfing the Web and downloading music and movies.

The report says the staff may have brought the unprotected laptops to a Black Hat convention where hacking experts discuss the latest trends. They also used them to tap into public wireless networks and brought the devices along with them during exchange inspections.

In at least one case, a staffer admitted to using his personal e-mail to send his work e-mail sensitive data about the Depository Trust & Clearing Corp, the U.S. equities market's clearing agency. When asked about this, he called it "a mistake" and "bad judgment" on his part.

"While they were using unencrypted laptops themselves, they were recommending to the (exchanges and clearing agencies) that they encrypt their laptops," Rymer wrote in his report, which is dated August 30.

"The inspector general found that four staff members had used unencrypted laptop computers in violation of SEC policy," SEC spokesman John Nester said.

"Although we found no evidence that data was compromised, the problem was fixed and the two staffers responsible for maintaining and configuring the equipment are no longer with the agency."

Rymer's report comes as the SEC is encouraging companies to get more serious about cyber attacks. Last year, the agency issued guidance that public companies should follow in determining when to report breaches to investors.

The office that was the subject of Rymer's investigation is responsible for ensuring exchanges are following a series of voluntary guidelines known as "Automation Review Policies," or ARPs.

These policies call for exchanges to establish programs concerning computer audits, security and capacity. They are, in essence, a road map of the capital markets' infrastructure.

Rymer found that the office did not have any planning or oversight into its purchases of computer equipment. From 2006 through 2010, the office got permission to spend $1.8 million on technology devices.

The report also found that some people who worked in the office had little or no experience with exchange technical matters. (Reporting By Sarah N. Lynch; Editing by Matthew Goldstein and Andre Grenon)

FILED UNDER:
Comments (0)
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.

  • Most Popular
  • Most Shared

AMAZON

TECH SHOWCASE

Rising Market Value

Rising Market Value

Facebook goes express to mega-cap status  Full Article 

Right to be Forgotten

Right to be Forgotten

Google under fire from regulators over response to EU privacy ruling.  Full Article 

Record Smartphone Sales

Record Sales

LG Electronics flags further mobile improvement after Q2 profit jump.  Full Article 

Smartwatch

Smartwatch

Swatch Group denies working with Apple on smartwatch.  Full Article 

Strong Results

Strong Results

Nokia's fortunes brighten on heavy network spending.  Full Article 

Battle of Giants

Battle of Giants

In China, Apple's focus pays off while Samsung feels squeeze.  Full Article 

Anonymity Services

Anonymity Services

Flaws could expose users of privacy-protecting software, researchers say.  Full Article 

Biggest Chipmaker

Biggest Chipmaker

China regulator determines Qualcomm has monopoly - state-run newspaper.  Full Article 

Reuters India Mobile

Reuters India Mobile

Get the latest news on the go. Visit Reuters India on your mobile device.  Full Coverage