Nine Hackers Indicted On $100 Million Inside Trader Scheme

Source: Andrew Burton / Getty

Panera Bread Co., the national restaurant chain that specializes in healthy soups and baked goods, prepared a news release in late October 2013 to announce the downward shift in its earnings expectations for the recently begun fourth quarter.  The release was one of many sent by publicly traded companies to business news services for publication.

According to federal authorities a group of computer hackers and stock traders already accessed the release in the computer system of the Toronto business newswire, Marketwired.  The group supposedly made $17 million worth of trades, and orders by using the information in the release to bet on Panera’s stock losing value once the news went public.

According to a criminal indictment unsealed Tuesday against nine people in the U.S. and Ukraine the hackers were correct, and made nearly $1 million in profit.  The international hacking scheme accumulated $100 million between 2010 and 2015.

This particular case is being called the biggest of its kind ever prosecuted, and one that exposed exactly how vulnerable the financial world is to cybercrime.  The Securities and Exchange Commission also brought civil charges against the nine plus 23 other people and companies in the U.S. and Europe.

The nine people indicted include two Ukrainian computer hackers and six stock traders. Prosecutors said the defendants made about $30 million from their part of the scheme.

On Tuesday five defendants were arrested in the U.S. and warrants were issued for four others in Ukraine.  Those charged included Pavel, Igor and Arkadiy Dubovoy.

Authorities say those suspects are related but no further details on how they are related has been given. Arkadiy and Igor were arrested at their homes in Alpharetta, Georgia.

However Pavel was believed to be in Ukraine.  According to authorities in 2010 and through as recently as May, the hackers were able to access more than 150,000 press releases that were about to be issued by Marketwired; PR Newswire in New York; and Business Wire of San Francisco.

The press releases contained details of earning figures and other crucial corporate information.  Prosecutors said 800 of those news releases were used to make trades before the information came out, exploiting a time gap ranging from hours to three days.  Prosecutors provided even more alarming news about the group’s ability to illegally tap into the news services’ computer systems via “phishing,” a practice in which hackers send an email with a seemingly innocuous link that, if clicked on, can lead to the divulging of the user’s login and password information.

The most serious charges in the indictment are wire fraud and security fraud, which carry up to 20 years in prison.  The SEC lawsuit named 17 individuals and 15 companies both in the U.S. and abroad, in such places as Russia, France, Malta and Cyprus.

The agency is considering unspecified fines and restitution against the 32 defendants.  Business Wire said in response to the breach it has hired a cybersecurity firm to test its systems to make sure they’re protected and PR Newswire said it is cooperating with the investigation.

For more information click here

Text “LIGHT” To 37890 for your chance at ticket giveaways and news before anyone else!…Standard Messaging Rates Apply