The US Securities and Exchange Commission is pointing towards "SIM hacking" as the probable cause of its X (formerly Twitter) account being hijacked earlier this month.
New details to the ongoing investigation reveal that hackers were able to access the commission's social media account by swapping the user's phone number to the "unauthorized party" without permission.
The still unidentified hijacker was then able to reset the password for the X account, the SEC reported.
According to the SEC, the breach was made possible after the commission removed its multi-factor authentication system six months prior to the attack.
The security protection has since been reinstated following the hijacking.
Several lawmakers demanded the SEC to take responsibility for the hijacking, especially since US agencies follow certain policies on handling social media accounts, Reuters reported.
The hijacking of the SEC caused a spike in Bitcoin price before its public opening after the account posted a fake ETF approval. The post has since been deleted.
X Criticizes SEC for Account Negligence
The commission's hijacking, of course, did not go unnoticed by its owner Elon Musk.
Musk, who faced the SEC in several lawsuits, threw shade towards the commission soon after the breach was made public.
Twitter Safety, X's security assistance account, earlier confirmed that the platform was "not due to any breach of X's systems."
X representatives have yet to provide a statement regarding the latest findings on the case.
The SEC already said it will continue to work with other government agencies, including the FBI and the Cybersecurity and Infrastructure Security Agency, to resolve the breach.
SIM Swap Hacks on the Rise
While no similar hijack method was done to other government social media accounts, experts see the attack as a sign of threat actors becoming bolder on their targets.
Cybersecurity expert Chris Pierson told CNBC that SIM swap hacks have become more common over the past years as "organized and sophisticated actors" have started abusing the vulnerability.
According to Pierson, scammers first started using the hack to hijack a cryptocurrency wallet or account.
Recent reports suggest that criminal groups and state-sponsored hackers may be using the method as well.