DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

ASIC: 19-153MR Computer hacker Steven Oakes jailed for unauthorised access and insider trading

Posted on June 26, 2019 by Dissent

JUNE 25: IT consultant Steven Oakes has today been sentenced in the County Court at Melbourne to a total effective sentence of three years imprisonment, and ordered that he be released after serving 18 months of the term of imprisonment, on his own recognisance to be of good behaviour for 18 months, after pleading guilty to a total of 11 charges for insider trading, unauthorised access to data with the intention to commit a serious offence (insider trading) and the alteration of electronic devices required by ASIC.

Between January 2012 and February 2016, Mr Oakes hacked into the private computer network of Melbourne-based financial publisher, Port Phillip Publishing (PPP). Mr Oakes attended within the vicinity of PPP’s secure Wi-Fi network and used hacking software to intercept and decrypt Wi-Fi data to obtain the network login credentials of PPP staff. He did this with the intention of using PPP’s information to engage in insider trading.

The inside information was buy recommendations for shares in particular ASX listed companies from unpublished PPP stock recommendation reports. The publication of a buy recommendation by PPP for a particular company typically caused an increase in that company’s share price.

Mr Oakes used this inside information on 70 occasions to buy shares in 52 different companies, before the reports with the buy recommendations were published. He made profits from selling the shares soon after the publication of the reports (18-136MR).

During ASIC’s investigation, ASIC Enforcement officers visited Mr Oakes at his home and gave him a compulsory Notice under the ASIC Act requiring him to immediately produce to the officers particular electronic devices. Mr Oakes failed to produce the devices at that time, instead providing them at a later date. When the devices were analysed by ASIC digital forensic analysts, they found that Mr Oakes had altered the devices to delete data relating to ASIC’s investigation. (See more in the ASIC infographic below)

‘Technology-enabled offending, including cyber-related market misconduct, has been a priority for ASIC’s Enforcement teams. Despite the sophistication of cyber criminals, ASIC can identify and investigate suspicious market activity connected to computer hacking activities, as it did in the case against Mr Oakes. Traders should be aware that ASIC continues to focus on cyber-related offending,’ ASIC Commissioner Cathie Armour said.

In sentencing Mr Oakes, Her Honour Judge Fox said Mr Oakes was ‘motivated by greed’, that ‘insider trading is a form of cheating. It is not a victimless crime’. Her Honour also stressed, ‘if you access a secure computer network to commit a crime, you should expect to go to jail’.

The Commonwealth Director of Public Prosecutions prosecuted the matter.

Background

The emergence of cyber-related offending is amongst the most significant concerns for financial markets and the economy at large.

ASIC continues to pursue cyber-related market offending but also encourages all entities operating in Australia’s financial markets to improve their cyber resilience, to combat against these sophisticated crimes.

Given the central role that firms operating in Australia’s financial markets  play in our economy, the cyber resilience of these firms and  participants in our financial markets is a key focus for ASIC.

ASIC’s Report 555 provides a snapshot of the cyber resilience of firms operating in Australia’s financial markets. It identifies key trends from self-assessment surveys completed by financial markets firms and highlights existing good practices and areas for improvement.

ASIC uses specialist markets surveillance technologies for its supervision of markets, involving the analysis of large volumes of trading data, and real-time surveillance. These technologies enable ASIC to detect, understand and respond to misconduct such as insider trading.

Source: Australian Securities and Investments Commission

Related posts:

  • AU: ASIC modifies licensees’ breach reporting obligations
Category: Business SectorHackNon-U.S.

Post navigation

← Texas State Senator Jane Nelson’s cybersecurity bills signed into law
Borough of Westwood, NJ provides notice of a data breach that began in 2018 →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.