From: LeapRate
***
The recent incident with the SEC EDGAR web application involved unauthorized individuals gaining access to information before the public, and then profiting from pre-arraged trades using information that had been gleaned.
Attackers were most likely able to take advantage of a web application vulnerability that allowed them to see information that was not yet public, and had either registered their own account on the platform or taken over a pre-existing account to achieve the appearance of legitimate access to the system.
Leave a Reply