The Securities and Exchange Commission said in a statement that it was still investigating the breach of its corporate filing system. The system, called Edgar, is used by companies to make legally required filings to the agency.
The agency said it learned in August that an incident detected last year “was exploited and resulted in access to nonpublic information.” It said the security vulnerability used in the attack had been patched shortly after it was discovered.
The hacking, it said, “may have provided the basis for illicit gain through trading.”
In its statement, the agency did not release further details of the attack, including whether it had resulted in disclosure of any information about particular companies.