The Securities and Exchange Commission (SEC) revealed Wednesday that hackers breached its system for public-company filings and may have profited from stolen insider information.
SEC Chairman Jay Clayton said in a statement that hackers exploited a software vulnerability in the regulator's EDGAR filing system. That breach was discovered in 2016, he said, but the SEC did not learn about the possibility of unlawful trading until 2017.
The SEC says the software flaw was quickly patched, and that no sensitive personal information, such as credit card or Social Security numbers, was exposed in the breach.
He did not say who may have been responsible for the breach.
The announcement comes just more than a week after credit report company Equifax revealed that hackers accessed personally identifiable information from more than 144 million people.