DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Follow-up: Settlement OK’d in DA Davidson hacker lawsuit, extortionists indicted

Posted on November 13, 2009 by Dissent

In January 2008, Davidson Companies, a Great Falls-based investment company, revealed that a hacker had broken into a database in 2007 and obtained the names and Social Security numbers of some 226,000 Davidson clients. A lawsuit filed against the company in April was re-filed in May of 2008. Now the lawsuit has settled and there has been progress on the law enforcement front in identifying those involved and bringing them to justice.

Claire Johnson of the Billings Gazette reports that a class action lawsuit filed against the company has now been settled. The terms of the settlement include a $1 million reserve for class members for reimbursement if they suffer losses through identity theft. The agreement also reportedly gives them until June 2011 to file a claim for losses.

Meanwhile, a criminal investigation into the hacking of Davidson’s computer files appears to have borne fruit. Investigators followed a trail that led to the arrest of three Latvians in the Netherlands. The suspects allegedly were to pick up money from the company in an extortion plot in which D.A. Davidson initially was advised to send the money to Russia.

The three Latvian suspects were extradited from the Netherlands and arrived in the United States on Oct. 22. Aleksandrs Hoholko, 29, Jevgenijs Kuzmenko, 25, and Vitalijs Drozdovs, 33, pleaded not guilty during an arraignment in Great Falls on Oct. 26.

A fourth “John Doe” defendant, identified as Robert Borko, has not appeared on charges.

Prosecutors allege that it was the fourth defendant who hacked into D.A. Davidson’s computer system and downloaded more than 300,000 client files.

He then sent the company an e-mail advising that their clients’ financial information had been compromised and attached 20,000 account records to prove his claim. In more e-mails, the hacker suggested that the company may want to keep the breach confidential, identified himself as a information technology security consultant and agreed to delete all the stolen information and identify security weaknesses.

Read more in the Billings Gazette.

Maybe my memory is shot, but I don’t recall ever hearing about the extortion aspects of this incident until now.

Category: Financial SectorHackOf NoteU.S.

Post navigation

← UK: Primary Care Trusts breach the Data Protection Act
Press Copy to have your Identity Stolen →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges
  • Australian ransomware victims now must tell the government if they pay up
  • U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
  • Victoria’s Secret takes down website after security incident
  • U.S. Government Employee Arrested for Attempting to Provide Classified Information to Foreign Government
  • St. Cloud Provides Update on Ransomware Attack in 2024
  • Bradford Health Systems detected abnormal network activity in December 2023. They first sent out breach notices this week.
  • Websites selling hacking tools to cybercriminals seized
  • ConnectWise suspects cyberattack affecting some ScreenConnect customers was state-sponsored
  • Possible ransomware attack disrupts Maine and New Hampshire Covenant Health locations

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent
  • Trump Taps Palantir to Compile Data on Americans
  • The US Is Storing Migrant Children’s DNA in a Criminal Database
  • Home Pregnancy Test Company Wins Dismissal of Pixel Wiretapping Suit
  • The CCPA emerges as a new legal battleground for web tracking litigation

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.