The Latest: SEC chair says agency hack ‘concerns me deeply’

Jay Clayton
The Associated Press

WASHINGTON (AP) — The Latest on SEC Chairman Jay Clayton’s appearance before the Senate Banking Committee (all times local):

11:40 a.m.

U.S. senators from both parties grilled Securities and Exchange Commission Chairman Jay Clayton Tuesday on the agency’s handling of a 2016 data breach that Clayton disclosed only last week. The hack focused on the agency’s system for handling corporations’ public documents, known as EDGAR.

“I was disturbed to learn that the SEC suffered a cyber-breach of its EDGAR system in 2016, but did not notify the public, or even all of its Commissioners, until it was discovered during your recent review,” Senate Banking Committee Chairman Mike Crapo, Republican from Idaho, said.

Clayton said the hack “concerns me deeply” and said that he has ordered an investigation by the agency’s Inspector General.

Sen. Sherrod Brown, D-Ohio, acknowledged that the breach occurred before Clayton took office in May. But he criticized the SEC chairman for not revealing it more quickly.

“The disclosure, or lack thereof, is all yours,” Brown said. “How can you expect companies to do the right thing when your agency has not?”

10:45 a.m.

Securities and Exchange Commission Chairman Jay Clayton says that senior executives at Equifax should be forced to return recent bonuses if the company’s delay in disclosing a data breach is found to be improper.

Sen. Sherrod Brown, Democrat from Ohio, slammed Equifax for a six-week delay in disclosing the massive security breach, which exposed personal information for 143 million Americans. Several executives sold Equifax shares during that six-week period.

Clayton said the bonuses should be recovered if the delay is found to be improper. The company argued that revealing the information wasn’t “material” to investors.

9:35 a.m.

Jay Clayton, the chairman of the Securities and Exchange Commission, is likely to face tough questions from a Senate banking panel, after the agency acknowledged that it also was a victim to a hack.

Two major issues in the SEC breach are the potential any information obtained was used for insider trading and whether the SEC knew about the security breach for months and only recently decided to disclose it.

Clayton has been at the head of the SEC since May, and is not likely to face calls for his removal since the breach happened a year ago. But he may be questioned about whether the SEC — the federal government’s main arm for enforcing rules and regulations on Wall Street — is up to the task of keeping data secure.

___

This story has been corrected to show that the number of Americans affected by the security breach at Equifax was 143 million, not 134 million.

.