Hacker who hijacked SEC’s X account pleads guilty, faces maximum five-year sentence therecord.media/hacker-hi…

The hacker responsible for breaking into the X account of the U.S. Securities and Exchange Commission (SEC) and posting false information is facing a maximum prison sentence of five years after pleading guilty on Monday.

Eric Council Jr., a 25-year-old native of Athens, Alabama, pleaded guilty to conspiracy to commit aggravated identity theft and access device fraud. His sentencing hearing is scheduled for May 16.

The SEC’s X account was taken over and used to share false information about plans to approve exchange-traded funds (ETFs) that contain cryptocurrency like bitcoin.

At the time of the incident, X confirmed that an investigation revealed that the account compromise “was not due to any breach of X’s systems, but rather due to an unidentified individual obtaining control over a phone number associated with the @SECGov account through a third party.”

The X statement, which came from the site’s safety team, claimed the account did not have two-factor authentication enabled, something disputed in the indictment.