The Securities and Exchange Commission (SEC) on Monday said the agency fell victim to a “SIM swap” attack ahead of its decision on the approval of spot Bitcoin (CRYPTO: BTC) ETFs, which led to the watchdog's official X account unexpectedly announcing the approval of all applications.

This news, released just after the markets closed, was received with celebration on social media.

However, inconsistencies soon emerged – there were no supporting filings, and no updates appeared on the SEC's website. SEC Chair Gary Gensler swiftly clarified via his account that the SEC's account had been "compromised," and no ETFs had been approved.

The incident sparked various reactions, with some in the crypto community highlighting the SEC's past guidance on cybersecurity, while lawmakers from both political parties demanded an investigation.

The SEC is still probing how the hacker managed to persuade the carrier to switch the SIM associated with the SEC's account and how the hacker knew the linked phone number, Fortune reported.

SIM swaps typically involve cybercriminals convincing a mobile service provider to transfer control of a phone number to a new SIM card, enabling them to reset passwords and hijack accounts.

Also Read: Cathie Wood Calls Out Bitcoin Skeptics: 'You Can't Have It Both Ways,' 5 Myths Debunked

This kind of attack is not uncommon in the crypto world, as demonstrated in September when Ethereum (CRYPTO: ETH) co-founder Vitalik Buterin lost access to his X account, leading to over $691,000 stolen from his followers through a malicious link.

An SEC spokesperson said that the agency had multifactor authentication enabled on its X account but had to remove it in July due to access issues.

The feature has since been reinstated on all SEC social accounts where possible.

In its official statement, the SEC confirmed its cooperation with various law enforcement and federal oversight agencies, including the FBI, the Department of Homeland Security, and the Department of Justice, to resolve the issue.

The spokesperson said that there is no evidence the hacker accessed any SEC systems, data, devices, or other social platforms.

Read Next: FTX Sold $1B Of GBTC, Explaining Part Of Grayscale Outflows

Photo: Shutterstock