Jonathan Stempel reports:
U.S. authorities on Tuesday charged several individuals and companies in a scheme to trade on information in nonpublic corporate press releases by hacking into a U.S. Securities and Exchange Commission database.
In a filing with the U.S. District Court in Newark, New Jersey, the SEC said individuals in the United States, Russia and Ukraine reaped more than $4.1 million in illegal gains by trading on nonpublic filings from its Edgar database, including approximately 157 corporate earnings announcements.
According to the SEC, some of the defendants kicked back some of their trading profits to Oleksandr Ieremenko, a Ukrainian hacker who along with others infiltrated Edgar between May 2016 and October 2016 to obtain thousands of “test filings,” including some containing earnings results.
Read more from Reuters on CNBC.
This is in my wheelhouse. I love how the SEC is guilty of similar cybersecurity failings as the advisors they fine when breaches occur.
One example: “SEC Charges Investment Adviser With Failing to Adopt Proper Cybersecurity Policies and Procedures Prior To Breach” see https://www.sec.gov/news/pressrelease/2015-202.html
When a breach happens to businesses, the businesses are blamed. When a breach happens to the government, the hackers are at fault. Irony alert!