The U.S. Securities and Exchange Commission (SEC) has determined the root cause behind its hacked X account, which sparked a fair amount of controversy after a false post about the supposed approval of a spot Bitcoin exchange-traded fund (ETF) made the rounds on social media.

In a statement on Monday, a spokesperson for the SEC said that the agency had determined that an unauthorized party was able to gain access to the X account by gaining control of the phone number associated with the account through a “SIM swap” attack.

A SIM swap attack takes place when a hacker convinces a phone carrier to switch a mobile number to a SIM in their possession. As of last August, around $13.3 million had been stolen from 54 attacks targeting people in the crypto industry alone.

“Once in control of the phone number, the unauthorized party reset the password for the @SECGov account,” said the spokesperson.

“Among other things, law enforcement is currently investigating how the unauthorized party got the carrier to change the SIM for the account and how the party knew which phone number was associated with the account.”

The regulator is still working with federal entities like the Federal Bureau of Investigation and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency to investigate.

The SEC spokesperson also said that multi-factor authentication (MFA) on the official SEC X account had been disabled at their request for the last six months, due to issues related to accessing the account. The SEC has since re-enabled MFA on the account after it was compromised on Jan. 9.