Federal authorities have brought broader and more serious charges against a trio of hackers allegedly behind the massive data breach of the nation’s largest bank, JPMorgan Chase, and other cyber attacks against financial institutions.
The data thefts made up the first phase of the alleged crimes by Gery Shalon, Joshua Samuel Aaron and Ziv Orenstein. The trio and others used the stolen personal data to contact unwitting victims and push them into buying stocks, authorities said. The group then manipulated the stock prices for financial gain, according to the indictment unveiled Tuesday.
The three men were charged in a 23-count indictment with crimes including computer hacking, securities fraud, wire fraud, identity theft, illegal Internet gambling and conspiring to commit money laundering.
U.S. Attorney for the Southern District of New York, Preet Bharara, announced the indictment, revealing its connection to the “largest theft of customer data from a U.S. financial institution in history.”
JPMorgan Chase spokeswoman Patricia Wexler confirmed that the bank’s summer 2014 data breach, affecting at least 76 million households, was tied to the indictment.
Bharara said the hacked personal data for tens of millions of bank customers was used to target stock traders.
According to Bharara’s press release: “Since 2011, SHALON, AARON, ORENSTEIN, and their co-conspirators orchestrated multimillion-dollar stock manipulation – or “pump and dump” – schemes to manipulate the price and trading volume of dozens of publicly traded microcap stocks (“penny stocks”) in order to enable members of the conspiracy to sell their holdings in those stocks at artificially inflated prices.”
Last month, business publications owned Rupert Murdoch’s News Corp., including The Wall Street Journal and Barron’s, reported that evidence of hacking to their systems going as far back as 2012. A spokeswoman for News Corp.’s Dow Jones unit told USA Today that the charges announced by Bharara’s office were linked to its data breach, which was revealed in October.
E-Trade and TD Ameritrade were also targeted by the hackers, Reuters reports. Fidelity Investments was also targeted, Reuters reported. However, the mutual fund giant issued a statement to USA Today, saying that Fidelity customers were not affected by the breach. But the company declined to say if Fidelity was the Boston-based victim identified in the indictment.