Thursday, April 27, 2006

GAO Flags SEC Security Holes

As discussed in this Reuters article, the GAO announced last month that its audit of the SEC showed that the SEC had "failed to limit remote access to its servers, establish controls over passwords, securely configure all network devices, and adopt security monitoring procedures."  The article posits that "a successful hacker could use nonpublic information to make trouble for a targeted company or rival" and offers this "nightmare scenario":

A hacker accesses e-mails in U.S. Securities and Exchange Commission computers and splashes them across the Internet, revealing an inquiry into a company that shakes investor confidence before the probe is complete.

Such an attack has never happened at the SEC, but computer experts say it could if the agency fails to tighten security.

"Splashing information" actually would be a fortunate and much less embarrassing outcome for the SEC compared to what greedier hackers might choose to do with such information.  For instance, what do you think the Estonian Spider Hackers would do with that information?  What would Plotkin and Pajcin do with it?  You guessed it.

In fact, "hacking into the SEC" was probably already on the Plotkin/Pajcin business plan, somewhere between stealing Business Week and hiring "exotic dancers" to extract information from investment bankers.

Copyright © 2007 RiskMetrics Group