[ISN] SEC halts traders' $7.8M hacking scheme

From: InfoSec News (isn@private)
Date: Wed Nov 02 2005 - 07:15:43 PST


http://money.cnn.com/2005/11/01/markets/scandal_sec_bizwire/

November 1, 2005

NEW YORK (CNN/Money) - The Securities and Exchange Commission charged
an Estonian financial services firm and two of its employees with
stealing confidential information from Business Wire and walking away
with at least $7.8 million in illegal profits.

The complaint alleges that the defendants stole confidential
information from the Business Wire Web site, a disseminator of news
releases and regulatory filings for companies and groups, and traded
in advance of more than 360 confidential press releases issued by more
than 200 U.S. public companies.

The defendants named in the complaint are Oliver Peek, Kristjan Lepik,
and the investment bank Lohmus Haavel & Viisemann. Peek is employed by
Lohmus and works for its investment services team, Lepik is a partner
at the firm.

According to the complaint, Lohmus became a client of Business Wire to
gain access to Business Wire's secure client site.

Once the defendants had access, they used a "spider" software program,
which provided unauthorized access to confidential information of
other Business Wire clients contained in press releases which had yet
to be made available to the general public.

"No one," Business Wire Chairman and CEO Lorry Lokey said in a
statement, "gained access to our news release file prior to
distribution to the media and investment community. Some of the SEC
statements in its complaint have been misinterpreted."

Certain individuals gained access to a screen shot of limited
background information, the company acknowledged but this information
did not include the content of news releases.

According to the SEC, the defendants used several U.S. brokerage
accounts to buy long or sell short the stocks of the companies whose
confidential press release information they stole, and also to
purchase options to increase their profits before the information had
been disseminated by Business Wire.

"Our action today demonstrates that we will seek out and stop
securities fraud wherever we find it. Whether in an old-fashioned
boiler room or, as in this case, in the high-tech environs of the
Internet, such conduct will be met with a swift and vigorous
enforcement response," Linda Chatman Thomsen, Director of the SEC's
Division of Enforcement, said in a statement.

"We acted today to stop a clever and pernicious securities fraud and
to preserve funds for investors. This case highlights that even when
fraudsters invent new ways to violate the securities laws, the
Commission will track them down and stop them, wherever they are
located," Daniel M. Hawke, Associate District Administrator of the
Commission's Philadelphia District Office, said in the statement.

The defendants violated Section 10(b) of the Exchange Act, the SEC
said. The U.S. District Court for the Southern District of New York
issued a temporary restraining order to freeze the defendants' assets.



_________________________________________
Earn your Master's degree in Information Security ONLINE
www.msia.norwich.edu/csi
Study IA management practices and the latest infosec issues.
Norwich University is an NSA Center of Excellence.



This archive was generated by hypermail 2.1.3 : Wed Nov 02 2005 - 22:21:34 PST