ORX News digest of the month – January 2019
- 26 February 2019
Every month the ORX News team publishes a featured digest from the ORX News Service. It's a detailed look at one of the losses reported in the media that month, and is handpicked by the team as one of the most interesting stories.
Story spotlight: Hackers access SEC EDGAR database to steal files and execute insider trades
On 15 January 2019, the DoJ and SEC announced charges related to a 2016 hacking of the SEC’s Electronic Data Gathering, Analysis, and Retrieval system (EDGAR) in which hackers accessed test filings uploaded by corporations containing confidential information. Hackers and traders who accessed the system allegedly made at least $4.1m in profits through insider trades based on this information.
Hackers and traders allegedly conspired to gain unauthorised access to the EDGAR system between February 2016 and March 2017. To gain access, the hackers exploited a software vulnerability, and used targeted cyberattacks including directory traversal attacks, phishing attacks, and infecting computers with malware. The hackers then copied corporate filings to servers they controlled, and the confidential information they contained was used to trade before at least 157 earnings releases between May 2016 and October 2016.
The DoJ formally indicted two Ukrainians on charges of securities fraud conspiracy, wire fraud conspiracy, computer fraud conspiracy, wire fraud and computer fraud. The SEC also filed a civil complaint charging one of the Ukrainian men, six traders in California, Ukraine, and Russia, and two entities. Some of those involved had previously been charged by the SEC for a hack of newswire services in 2015.
ORX News subscribers can read the full story on the ORX News website