The breach involved Securities and Exchange Commission's EDGAR filing system, which houses market-moving information with millions of filings ranging from quarterly earnings to statements on acquisitions.
The SEC, which regulates the financial securities industry, gave few details on the hack but said the hackers may have made "illicit gain through trading", NBC News reported.
The system that was breached, known as EDGAR, is a popular way for investors to access the detailed financial reports companies that sell stock to the public must periodically release. While the SEC has been aware of the breach since 2016, it wasn't until last month that the agency concluded that the cybercriminals involved may have used their bounty to make illicit trades.
The disclosure arrived two months after a government watchdog said deficiencies in the computer systems of the Securities and Exchange Commission put the system, and the information it contains, at risk.
It discovered the hack a year ago, but says that it wasn't until August 2017 that it noticed additional effects of the hack.
Halle Berry has found her latest victim slash beau
Actress Halle wore her hair high on her head to let her outfit have full attention but chose to go minimal on the make-up front. Halle Berry has been on Instagram for just a little over a year, but she's already a pro at the ways of the social platform.
Stafford Throws Pair Of TDs, Lions Top Giants; Manning Sacked 5 Times
Now New York , which went 11-5 last season and made the playoffs, needs to get its offense going in a hurry. This is the first time in franchise history the team has lost by 14 or more points in its first two games.
Irma's Florida Death Toll at 34 - And Rising
And some are already questioning why nursing homes aren't among the first facilities to be reconnected to power after a storm. Absent is Monroe, where recovery efforts continue with ongoing door-to-door checks in the Keys.
The SEC 's new director, Walter J. Clayton, has said the agency would work to improve its cybersecurity protections. While the weakness was "patched promptly after discovery", it still resulted in hackers gaining access to nonpublic information, according to the agency. The agency said it did not result in "systemic risk".
It is not believed that any personally identifiable information or SEC operations were compromised, the agency added. The credit reporting agency said hackers infiltrated its system, stealing significant personally identifiable information through a vulnerability in a US website application.
The Equifax breach, which focused on a database that contained the personal information of 143 million Americans, focused attention on the vulnerabilities of private companies that handle sensitive personal financial information.
"Failure to do so may result in an enforcement action", he warned, although the SEC is yet to ever bring any such action against a non-complying company.
"Notwithstanding our efforts to protect our systems and manage cybersecurity risk, in certain cases, cyber threat actors have managed to access or misuse our systems", said Clayton. "We also must recognize-in both the public and private sectors, including the SEC - that there will be intrusions, and that a key component of cyber risk management is resilience and recovery".