The SEC confirmed its official X account was compromised earlier this month through a SIM swapping attack. SIM swapping involves attackers convincing a carrier to transfer a phone number to a new device under their control. Once in control of the phone number, the unauthorized party was able to reset the password for the @SECGov X account. The SEC said it had disabled multi-factor authentication for the account last July due to "issues," and MFA was not re-enabled until after the hack.