Quantcast
The MFWire
 Manage Email Alerts | Sponsorships | About MFWire | Who We Are

Subscribe to MFWire.com's News Alerts [click]

Rating:Which Fund Firm Was Attacked In the Great Financial Services Hack of 2014? Not Rated 0.0 Email Routing List Email & Route  Print Print
Wednesday, November 11, 2015

Which Fund Firm Was Attacked In the Great Financial Services Hack of 2014?

News summary by MFWire's editors

Federal prosecutors are trying to bring down what they describe as a vast, multi-year, multinational hacking conspiracy, and they say a mutual fund shop was one of the victims. [See MFWire's living timeline for more updates and history on the great financial services hack.]

Preet Bharara
 U.S. Attorney for the Southern District of New York
Today U.S. Attorney Preet Bharara revealed a previously-sealed 68-page indictment, accusing Gery Shalon, Joshua Samuel Aaron, and Ziv Orenstein (each listed with one or more additional aliases) of masterminding a "cybercriminal enterprise operated through hundreds of employees, co-conspirators and infrastructure in over a dozen countries." The indictment says seven financial services companies, two financial news publishers, two software developers, and a "merchant risk intelligence firm" were all victimized by the alleged cybercriminal network. The scandal most-famously involves a cybersecurity breach of a giant bank, J.P. Morgan, but the Feds say a mutual fund shop was targeted, too. (The DoJ has posted the whole indictment online.)

The indictment describes "Victim-2" as "one of the world's largest financial services corporations, providing mutual fund, online stock brokerage and other services, with headquarters in Boston, Massachusetts." If you think that sounds like a certain 401(k) recordkeeping titan and mutual fund giant led by a family with the last name Johnson, you're not alone. Indeed, Bloomberg, Reuters (twice) and USA Today all point to Fidelity [profile] as one of the targets. And it sounds like the Fido tech team promptly fought the hackers off.

Here's what prosecutors claim happened to Victim-2:

... in April 2014, SHALON and his co-conspirators unlawfully accessed the network of Victim-2 by exploiting the so-called "Heartbleed" vulnerability, which had, at that time, just been widely identified as a previously unrecognized security vulnerability that exist in computer network servers on a widespread basis. While they succeeded in gaining access to Victim-2's network, shortly after they did so, Victim-2 recognized and repaired the Heartbleed vulnertability in its systems.


USA Today says that Fidelity declined to confirm whether or not it was "Victim-2".

"We have confirmed with the FBI that there is no indication that our customers were affected," a Fido spokesman told the paper.

The Boston Globe, CFO, the Chicago Tribune, the Financial Times, the Guardian, the New York Times, and the Wall Street Journal all also covered the unsealed indictment. The Feds claim that the cyberattacks were connected with illegal online casinos, payment processors for illegal drug suppliers, malware, an illegal Bitcoin exchange, and attempts to "artificially manipulate the price of certain stocks."

J.P. Morgan, online brokerages TD Ameritrade and Scottrade, and News Corp's Dow Jones unit all confirmed that they were victims of the alleged hacking conspiracy. 

Edited by: Neil Anderson, Managing Editor


Stay ahead of the news ... Sign up for our email alerts now
CLICK HERE

0.0
 Do You Recommend This Story?


GO TO: MFWire
Return to Top
 News Archives
2025: Q1
2024: Q4Q3Q2Q1
2023: Q4Q3Q2Q1
2022: Q4Q3Q2Q1
2021: Q4Q3Q2Q1
2020: Q4Q3Q2Q1
2019: Q4Q3Q2Q1
2018: Q4Q3Q2Q1
2017: Q4Q3Q2Q1
2016: Q4Q3Q2Q1
2015: Q4Q3Q2Q1
2014: Q4Q3Q2Q1
2013: Q4Q3Q2Q1
2012: Q4Q3Q2Q1
2011: Q4Q3Q2Q1
2010: Q4Q3Q2Q1
2009: Q4Q3Q2Q1
2008: Q4Q3Q2Q1
2007: Q4Q3Q2Q1
2006: Q4Q3Q2Q1
2005: Q4Q3Q2Q1
2004: Q4Q3Q2Q1
2003: Q4Q3Q2Q1
2002: Q4Q3Q2Q1
 Subscribe via RSS:
Raw XML
Add to My Yahoo!
follow us in feedly


  1. MMI webinar - Enhancing the Advisor Experience, January 16
  2. MFDF webinar - AI and Fund Compliance, January 21
  3. MFDF In Focus - In Focus: Small Boards' Use of Skills Matrices, January 22
  4. IDC webinar - SEC Enforcement Trends: What Fund Directors Should Know, January 23
  5. ICI webinar - Legal and Compliance Career Opportunities in the Asset Management Industry, January 24
  6. FSI OneVoice 2025, Jan 27-29
  7. MFDF 2025 Directors' Institute, Jan 27-29
  8. Nicsa webinar - An Intro to Irish and Luxembourg Investment Platforms for US Asset Managers, January 29
  9. WE South - Dallas | Texas Stock Exchange, Politics, & Product Development, January 30
  10. 2025 ICI Innovate, Feb 3-5
  11. Nicsa webinar - AI In Operations: Boosting Productivity for Wealth & Asset Management Firms, February 5
  12. MFDF In Focus: Understanding Distribution - What the Data Can Tell You, February 6
  13. MFDF Director Discussion Series - Open Forum, February 10
  14. MFDF Director Discussion Series - Open Forum, February 11
  15. MMI Darden-in-Residence II, Feb 24-6
  16. 2025 MMI RIA Forum, February 27
  17. IDC Core Responsibilities of Fund Directors, February 27
  18. Citywire Scottsdale CIO Summit 2025, Feb 27-28
  19. Expect Miracles In Manhattan 2025, February 27
  20. T3 Technology Conference 2025, Mar 3-6
  21. IMEA Distribution Intelligence Summit, Mar 4-5
  22. Nicsa 2025 Strategic Leadership Forum, Mar 5-7
  23. Citywire Pro Buyer New York Due Diligence Retreat 2025, Mar 6-7
  24. MFDF 2025 Fund Governance & Regulatory Insights Conference, Mar 6-7
  25. MFDF 15(c) White Paper Webinar Series: Part 3 - Gartenberg Factors Analysis and Challenges, March 12
  26. ICI Investment Management Conference, Mar 16-19




©All rights reserved to InvestmentWires, Inc. 1997-2025
14 Wall Street | 20th Floor | New York, NY 10005 | P: 212-331-8968 | F: 212-331-8998
Privacy Policy :: Terms of Use