That security was weak isn't completely shocking when a number of American government agencies have fallen prey to hacks. Also, many government agencies have to make do with aging computers and infrastructure that can't receive software updates outside of exceptional circumstances. The inspector general's office itself has struggled with both poor funding and a lack of clear goals.

Still, the SEC had plenty of time to update its platforms and implement policies that weren't necessarily dependent on newer technology, such as thorough data encryption. The hack also illustrates a serious problem with government cybersecurity in the US. If an agency as crucial as the SEC struggled to improve its security practices over the years, that suggests other important institutions also have a lot to learn about safeguarding critical data.