NYSE Operator Intercontinental Exchange Gets $10M SEC Fine Over 2021 Hack

Intercontinental Exchange, the company that operates NYSE and other exchanges, has agreed to pay a $10 million fine related to a 2021 hack.

The US Securities and Exchange Commission (SEC) announced on Wednesday that Intercontinental Exchange (ICE) has agreed to pay a $10 million fine to settle charges related to a hacker attack that occurred in 2021.

ICE, described as a foundational part of the global financial system, operates the New York Stock Exchange (NYSE) and other exchanges. The company learned from a third-party in April 2021 that one of its VPNs was hacked through the exploitation of a zero-day vulnerability. 

The hackers planted malicious code on the VPN device, which had been used for remote access to the company’s corporate network.

While the targeted VPN has not been named, one zero-day that made headlines in April 2021 was CVE-2021-22893, which at the time was exploited against Pulse Secure ...