Skip to content
View in the app

A better way to browse. Learn more.
Soxtalk.com

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Financial News

jasonxctf
in The Filibuster

Featured Replies

QUOTE (southsider2k5 @ Sep 22, 2017 -> 09:08 AM)
This is so much bigger than the Equifax hack, but is getting so much less publicity.

 

https://www.washingtonpost.com/news/busines...m=.e0dc5d9c955b

 

Curious, why do you think it's bigger? Just undermining confidence in the integrity of the market?

 

Equifax was felt so broadly, and we know that information could end up hurting a whole bunch of people through identity theft. The tangible acts of profiting off illegal info seems like it would affect a much more narrow group.

 

  • Replies 8.8k
  • Views 917.5k
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Most Popular Posts

  • Balta1701
    Balta1701

  • Balta1701
    Balta1701

    .....we could do a stimulus at the federal level where the federal government spends money....

  • raBBit
    raBBit

    What are you even talking about? The Federal debt did blow up under Obama?  EDIT: Before you respond with your partisan stuff, it blew up under Bush too and will continue to blow up under Trump.

Posted Images

What sort of information would be considered "nonpublic" that they'd have been able to get a hold of? The story is kinda vague on that.

QUOTE (bmags @ Sep 22, 2017 -> 09:14 AM)
Curious, why do you think it's bigger? Just undermining confidence in the integrity of the market?

 

Equifax was felt so broadly, and we know that information could end up hurting a whole bunch of people through identity theft. The tangible acts of profiting off illegal info seems like it would affect a much more narrow group.

 

Every single confidential filing required by the SEC is literally vulnerable with this attack. This is essentially getting the private information of every corporation out there.

QUOTE (StrangeSox @ Sep 22, 2017 -> 09:17 AM)
What sort of information would be considered "nonpublic" that they'd have been able to get a hold of? The story is kinda vague on that.

 

Material Non-Public Information is a HUGE requirement of the SEC's and could be disastrous to pretty much any industry or company in the wrong hands at the wrong time.

QUOTE (southsider2k5 @ Sep 22, 2017 -> 09:22 AM)
Material Non-Public Information is a HUGE requirement of the SEC's and could be disastrous to pretty much any industry or company in the wrong hands at the wrong time.

 

I'm confused by this:

"The system that was breached, known as EDGAR, is a popular way for investors to access the detailed financial reports companies that sell stock to the public must periodically release. It had a “software vulnerability” that was “exploited and resulted in access to nonpublic information,” Clayton said in the statement."

 

That last sentence.

 

1) Did they access info that was TO BE RELEASED but not yet released

2) Why would they use the same system for public and non public info?

is the concern here that it would enable a bunch of insider trading or what?

QUOTE (bmags @ Sep 22, 2017 -> 09:46 AM)
I'm confused by this:

"The system that was breached, known as EDGAR, is a popular way for investors to access the detailed financial reports companies that sell stock to the public must periodically release. It had a "software vulnerability" that was "exploited and resulted in access to nonpublic information," Clayton said in the statement."

 

That last sentence.

 

1) Did they access info that was TO BE RELEASED but not yet released

2) Why would they use the same system for public and non public info?

 

1- Could be. Some of that information is released, some never is. Company's pretty much disclose anything and everything and then figure out later level of importance and disclosure.

 

2- Fun fact: Despite cybersecurity being a pretty regular "point of emphasis" from the SEC and FINRA, most exchanges and regulatory agencies use outdated security, infrastructure and follow few of their own directives aimed at market participants. My professional guess is that the SEC does none of the Chinese Wall and segregation procedures that they require of member firms. A great example is last I knew the consolidated stock feed in the US was run on a version of Windows that hasn't been supported by Microsoft in a decade or more.

 

Fun reading in general.

 

http://www.dell.com/learn/us/en/uscorp1/pr...arming-reliance

Federal IT and information security is pretty hilariously bad due to and array of issues from ridiculously complex and lengthy procurement processes that leave only a handful of companies even able to offer qualifying bids (see: obamacare exchange fiasco), underfunding programs, and not being able to attract solid talent since the pay is 1/4 or less what they'd get at Google or where ever.

QUOTE (southsider2k5 @ Sep 22, 2017 -> 09:08 AM)
This is so much bigger than the Equifax hack, but is getting so much less publicity.

 

https://www.washingtonpost.com/news/busines...m=.e0dc5d9c955b

It affects corporate profits and that's more important than the financial stability of 150 million people ;)

 

Yes, big deal, just noting your instinctive judgement about priorities.

QUOTE (Balta1701 @ Sep 22, 2017 -> 10:00 AM)
It affects corporate profits and that's more important than the financial stability of 150 million people ;)

 

Yes, big deal, just noting your instinctive judgement about priorities.

 

On a person's personal information you can get as far as their credit score. On a companies information or even marketplace's information you control the entire market place. Which is more important?

QUOTE (southsider2k5 @ Sep 22, 2017 -> 10:05 AM)
On a person's personal information you can get as far as their credit score. On a companies information or even marketplace's information you control the entire market place. Which is more important?

 

I thought the Equifax leak included full name, DOB, address and SSN. Everything wrapped up in a nice package to steal someone's identity and wreck their s*** by taking out loans and credit in their name. That can be a monumental pain in the ass and financially damaging to get cleared up, and it can take months or years. It can screw with your employment prospects if you need background checks, it can screw with your insurance rates and your ability to get a mortgage or even an apartment since more and more credit checks are run for those.

Edited by StrangeSox

QUOTE (southsider2k5 @ Sep 22, 2017 -> 10:04 AM)
Another solid primer

 

https://www.cnbc.com/2017/09/21/heres-what-...e-sec-hack.html

 

this make it seem like the plot of Trading Places, basically. getting early access to what will soon be public information, but that early access is still incredibly valuable.

QUOTE (southsider2k5 @ Sep 22, 2017 -> 10:05 AM)
On a person's personal information you can get as far as their credit score. On a companies information or even marketplace's information you control the entire market place. Which is more important?

The F***?

QUOTE (StrangeSox @ Sep 22, 2017 -> 10:08 AM)
I thought the Equifax leak included full name, DOB, address and SSN. Everything wrapped up in a nice package to steal someone's identity and wreck their s*** by taking out loans and credit in their name. That can be a monumental pain in the ass and financially damaging to get cleared up.

Yes, and your credit history too. Like, I can go be 2k5 for 6 months with that. I could do everything but show up for his job. I could file his tax return.

QUOTE (StrangeSox @ Sep 22, 2017 -> 10:08 AM)
I thought the Equifax leak included full name, DOB, address and SSN. Everything wrapped up in a nice package to steal someone's identity and wreck their s*** by taking out loans and credit in their name. That can be a monumental pain in the ass and financially damaging to get cleared up.

 

And with that information you are going to be able to go as far as their credit score will take you. If they have a 550, all of that information is pretty worthless. If they have a 800, sure you can go a lot further. But if you own Google's MNPI how much further can you go?

QUOTE (Balta1701 @ Sep 22, 2017 -> 10:11 AM)
Yes, and your credit history too. Like, I can go be 2k5 for 6 months with that. I could do everything but show up for his job. I could file his tax return.

 

Oh yeah that scam tax returns are a big part of that, too. As well as potentially gaining bank account information and being able to drain the funds directly via some social hacking once you know everything else about that person.

 

I think people are rightfully much more concerned about that data hack that affects an overwhelming majority of American adults that can lead to great personal financial harm and stress versus opaque corporate market manipulation potential. Doesn't mean that it isn't important, but on the individual level, I think people have their priorities right.

QUOTE (southsider2k5 @ Sep 22, 2017 -> 10:12 AM)
And with that information you are going to be able to go as far as their credit score will take you. If they have a 550, all of that information is pretty worthless. If they have a 800, sure you can go a lot further. But if you own Google's MNPI how much further can you go?

 

You can much more easily socially engineer your way into their various accounts. You can steal tax returns. You can still take out store and other lines of credit even if you've got a bad credit score. And plenty of those 150M people have decent or good credit anyway so it seems weird to be dismissive of them. For me, if my credit were to get wrecked, it could directly impact my employment because I need to obtain and maintain clearances.

 

That affects individual people directly. I don't even know what "Google's MNPI" means, so it seems pretty obvious why more people care about their personal information being stolen and putting them personally at great risk rather than a corporation being at risk.

QUOTE (StrangeSox @ Sep 22, 2017 -> 10:17 AM)
You can much more easily socially engineer your way into their various accounts. You can steal tax returns. You can still take out store and other lines of credit even if you've got a bad credit score. And plenty of those 150M people have decent or good credit anyway so it seems weird to be dismissive of them. For me, if my credit were to get wrecked, it could directly impact my employment because I need to obtain and maintain clearances.

 

That affects individual people directly. I don't even know what "Google's MNPI" means, so it seems pretty obvious why more people care about their personal information being stolen and putting them personally at great risk rather than a corporation being at risk.

 

Its bigger than just "a corporation". Way bigger. If you don't understand it isn't prudent to dismiss this.

Equifax says 2.5M more people than originally reported were affected, bringing the total to 145.5 million people. That's roughly 60% of the adult population of the US.

 
Go to topic listing

Recently Browsing 0

  • No registered users viewing this page.

Account

Navigation

Search

Search

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.