By Verne Kopytoff
FORTUNE -- A fraudster hacks into a company's Twitter account and posts a phony announcement about sales reaching an all-time high. Shares in the company soar and then quickly crash after investors realize the news was merely a ruse to manipulate the stock price. Companies must, of course, be vigilant in preventing hackers from infiltrating their social media accounts. But that is especially true following the Security and Exchange Commission's decision earlier this month to let businesses disclose important financial information through Twitter and Facebook.
If all goes as expected, millions of investors will turn to social media to get quarterly earnings reports, acquisition announcements, and other "material" information. The idea is to make important corporate updates more accessible to the public, many of whom already spend hours a day on Twitter, Facebook (FB), and LinkedIn (LNKD). The SEC's new guidelines represent a big change. In the past, the agency required companies to make "material" information public only via press release services like Business Wire, regulatory filings, and on their own corporate Web sites.
The addition of social media to the mix creates more risk. Corporate Twitter accounts, in particular, have proven to be vulnerable to hackers. In the past few months, news organizations like CBS, NPR, and Associated Press have all fallen victim. In the case of AP last week, hackers posted a fake report on Twitter about a bombing at the White House, causing the Dow Jones Industrial Average (INDU) to plunge over 140 points -- erasing $136 billion in market value -- within a few minutes until the fraud was exposed. A group allied with the Syrian government claimed responsibility.
Earlier in the year, hackers also breached the Twitter accounts of Burger King (BKW) and Jeep. Whoever took them over, however, had a sense of humor. A message posted in Burger King's account claimed, falsely, that the company had been acquired by McDonald's (MCD). Meanwhile, Jeep was said to have been bought by Cadillac.
Companies have a self-interest in keeping their social media accounts secure. But the SEC has not issued any specific rules on the matter. In general, the SEC has said that companies "should consider" implementing "controls and procedures" to prevent insiders from posting fraudulent information online. There's no mention of preventing outsiders like hackers from gaining access or any penalties for companies that are careless with security.
"You might get a lot of grief for being idiots, but I don't think you'd get any SEC sanction," says Alan Denenberg, an attorney who specializes in securities law for Davis Polk, a corporate law firm. Companies would be required, however, to quickly correct any misstatement made to investors, he said.
Companies planning to use social media for key announcements must tell investors ahead of time, according to the SEC. Everyone will therefore be on an even playing field when it comes to information. Denenberg says that the policy also helps with preventing problems like rogue employee or stock manipulators posting inaccurate information on unofficial accounts. Investors will know to look only to the chief executive's personal Facebook account for official information, for example, and to disregard other social media.
The risk of malfeasants posting fake corporate information isn't entirely new. Over the years, a number of fraudsters have manipulated stock prices by posting phony press releases online. In such cases, the companies and shareholders were considered the victims.
Terry Hendershott, a professor of finance and information technology at University of California at Berkeley, points out that companies whose social media accounts are hacked aren't entirely immune from consequences. Investors who suffer a financial loss from a hacking can file a civil lawsuit accusing a company of lax security. They would need to prove the company created a weak password, for example, or that an executive lost his mobile phone. "A company would have to show that they took all reasonable precautions," Hendershott says.
Bart Chilton, one of five commissioners with the Commodity Futures Trading Commission, which oversees commodity trading, called for more aggressive regulation to stop hackers from impacting market prices. Companies that allow their social media accounts to be infiltrated -- and hackers to manipulate the market through those accounts -- should be fined. Chilton plans to bring up the issue at the commission's next meeting. He advised the SEC's commissioners to take similar steps, although he has no authority with the agency, which oversees public companies.
Everyone in the market, Chilton says, "should super-size their computer security to ensure that their social media is as safe and secure as everything else they do."
A circuit breaker kicked in after high-frequency trades from BATS triggered a flash crash
The hearts of Apple (AAPL) traders stopped briefly at 10:57 a.m. Friday when the company's share price, which had opened the day at $600.49 suddenly plummeted 9.4% to $542.80.
The rapid fall triggered a circuit breaker and trading was halted for five minutes. When it resumed, Apple was down $3 to $597.58.
The source was quickly traced to a MOREPhilip Elmer-DeWitt - Mar 23, 2012 11:53 AM ET
Fortune's curated selection of the day's most newsworthy tech stories from all over the Web. Sign up to get the newsletter delivered to you every day.
* Nintendo slashed the price of its 3DS handheld system by roughly one-third (from $250 to $170) because of lower-than-expected sales during the first three months. The gaming company also lowered its annual profit forecast by a stunning 82%. President Satoru Iwata said in an online letter it was MOREJP Mangalindan, Writer - Jul 29, 2011 7:41 AM ET
SecondMarket, Sharespost, NYPPEX all let wealthy investors treat private companies, like Facebook, as publicly traded ones. Are they flouting securities laws, or reinventing them for the 21st century?
By Kevin Kelleher, contributor
Sorry, small investors. If you want to buy shares in Facebook, Groupon or Twitter, you're going to have to wait until their IPOs.
That much is certain now that the Securities and Exchange Commission has started looking into the trading of MOREJan 4, 2011 1:34 PM ET
Senior executives and board members made big year-end gifts to charity
Forms filed with the Securities and Exchange Commission Tuesday show two senior Apple (AAPL) executives and two board members taking advantage of the stock's record-high prices to donate nearly 10,000 shares between Dec. 10 and Dec. 17.
The single largest donation was made by board member Millard Drexler, current CEO of J. Crew (JCG) and former chairman of The Gap (GPS). MOREPhilip Elmer-DeWitt - Dec 29, 2010 12:47 PM ET
|2 million Facebook, Gmail and Twitter passwords stolen in massive hack|
|Job growth drives mortgage rate jump|
|Investors brace for big dip in stocks|
|GM to discontinue Chevrolet brand in Europe|
|Ron Paul: Bitcoin could 'destroy the dollar'|