Eric Council Jr. Sentenced for SEC Hack: A Cautionary Tale for the Crypto Community

In a landmark case highlighting the vulnerabilities of the cryptocurrency market, Eric Council Jr. was sentenced to 14 months in prison for his role in a hack of the U.S. Securities and Exchange Commission’s (SEC) X account on January 9, 2024. This incident, which involved the dissemination of false news claiming that the SEC had approved the first Bitcoin exchange-traded fund (ETF) in the U.S., serves as a stark reminder of the risks and consequences associated with cybercrime. As the crypto landscape continues to evolve, incidents like this underline the importance of maintaining integrity and security within the digital finance sphere.

Council Jr., a 26-year-old from Huntsville, Alabama, pleaded guilty to charges of conspiracy to commit aggravated identity theft and access device fraud in February 2024. The U.S. Department of Justice (DOJ) announced on May 16, 2025, that he would also face three years of supervised release upon his imprisonment. His arrest by FBI agents in October 2023 marked the culmination of a meticulous investigation into the exploitation of public sentiment surrounding cryptocurrency regulations.

The court’s ruling on August 29, 2023, had turned heads when the District of Columbia Court of Appeals determined that the SEC acted unjustly in rejecting Grayscale’s spot Bitcoin ETF application. This ruling created a ripple of optimism within the crypto industry, leading to heightened expectations that the SEC might soon approve the first spot Bitcoin ETF. Seizing on this moment of hope, Council Jr. and his accomplices orchestrated a plan to post fraudulent information on the SEC’s official X account, effectively attempting to manipulate the price of Bitcoin.

Council Jr.’s methodical approach involved executing a Subscriber Identity Module (SIM) swap—a technique where a perpetrator convinces a mobile carrier to transfer a victim’s phone number to a SIM card under their control. Utilizing this unauthorized access, Council Jr. fabricated false identification cards for victims, whose personal data was supplied by co-conspirators, to gain control over the SEC’s X account. It was in this capacity that he falsely announced the SEC’s endorsement of a Bitcoin ETF, which he later profited from by receiving payment in Bitcoin for his criminal activities.

The immediate fallout from Council Jr.’s actions was dramatic. Within hours of the false news posting, Bitcoin’s price surged by over $1,000, climbing to approximately $48,000. However, this spike was short-lived, as SEC Chair Gary Gensler quickly acknowledged the hack and denounced the information as fraudulent. Consequently, Bitcoin’s value plummeted by over $2,000, leading to an estimated $50 billion loss in market capitalization within 24 hours and causing about $220 million in liquidations overall. This chain of events illustrates the significant risk that misinformation poses to financial markets and investor confidence.

FBI officials have characterized the hack as "a calculated criminal act meant to deceive the public and manipulate financial markets." Such remarks emphasize the broader implications of Council Jr.’s actions—not only in terms of financial loss but also in eroding public trust within the increasingly complex and volatile realm of cryptocurrency. As stakeholders from all sectors lean into the burgeoning digital asset market, the importance of cybersecurity becomes ever clearer.

In conclusion, Eric Council Jr.’s sentencing should serve as a warning to both aspiring hackers and those involved in the cryptocurrency sector. As the market continues to grow, so too does the necessity for maintaining trust, security, and compliance with regulatory frameworks. Authorities are likely to intensify their scrutiny of cybercrimes, particularly in sectors as influential and transformative as cryptocurrency. Moving forward, stakeholders must prioritize robust security measures to safeguard against the types of manipulations exemplified by this case. The repercussions of such occurrences not only affect individual investors but also the integrity of the market as a whole, making it crucial for everyone involved to stay vigilant against cyber threats.