SEC Lab Fails to Protect Stock Exchanges Data During Inspections
November 21, 2012
But identities of lab personnel were redacted from the report.
Management did not “put in place policies and procedures to protect SRO, exchange, and clearing agency data collected by lab staff or take any steps to ensure that lab. Staff were abiding” by policies set by the Office of Information Technology for protecting data collected during inspections, according to the report.
“Although we found no evidence that data was compromised, the problem was fixed and the two staffers responsible for maintaining and configuring the equipment are no longer with the agency,'' SEC spokesman John Nester said.
But the New York Stock Exchange confirmed Wednesday that it has hired former Homeland Security Secretary Michael Chertoff to look into the failure. Cherthoff's charge is to determine if any sensitive data belonging to the exchange was breached, during or after the inspections.
The other three major exchange operators, Nasdaq OMX Group, Direct Edge and BATS Global Markets, all declined comment.