Quantcast
The MFWire
 Manage Email Alerts | Sponsorships | About MFWire | Who We Are

Subscribe to MFWire.com's News Alerts [click]

Rating:Which Fund Firm Was Attacked In the Great Financial Services Hack of 2014? Not Rated 0.0 Email Routing List Email & Route  Print Print
Wednesday, November 11, 2015

Which Fund Firm Was Attacked In the Great Financial Services Hack of 2014?

News summary by MFWire's editors

Federal prosecutors are trying to bring down what they describe as a vast, multi-year, multinational hacking conspiracy, and they say a mutual fund shop was one of the victims. [See MFWire's living timeline for more updates and history on the great financial services hack.]

Preet Bharara
 U.S. Attorney for the Southern District of New York
Today U.S. Attorney Preet Bharara revealed a previously-sealed 68-page indictment, accusing Gery Shalon, Joshua Samuel Aaron, and Ziv Orenstein (each listed with one or more additional aliases) of masterminding a "cybercriminal enterprise operated through hundreds of employees, co-conspirators and infrastructure in over a dozen countries." The indictment says seven financial services companies, two financial news publishers, two software developers, and a "merchant risk intelligence firm" were all victimized by the alleged cybercriminal network. The scandal most-famously involves a cybersecurity breach of a giant bank, J.P. Morgan, but the Feds say a mutual fund shop was targeted, too. (The DoJ has posted the whole indictment online.)

The indictment describes "Victim-2" as "one of the world's largest financial services corporations, providing mutual fund, online stock brokerage and other services, with headquarters in Boston, Massachusetts." If you think that sounds like a certain 401(k) recordkeeping titan and mutual fund giant led by a family with the last name Johnson, you're not alone. Indeed, Bloomberg, Reuters (twice) and USA Today all point to Fidelity [profile] as one of the targets. And it sounds like the Fido tech team promptly fought the hackers off.

Here's what prosecutors claim happened to Victim-2:

... in April 2014, SHALON and his co-conspirators unlawfully accessed the network of Victim-2 by exploiting the so-called "Heartbleed" vulnerability, which had, at that time, just been widely identified as a previously unrecognized security vulnerability that exist in computer network servers on a widespread basis. While they succeeded in gaining access to Victim-2's network, shortly after they did so, Victim-2 recognized and repaired the Heartbleed vulnertability in its systems.


USA Today says that Fidelity declined to confirm whether or not it was "Victim-2".

"We have confirmed with the FBI that there is no indication that our customers were affected," a Fido spokesman told the paper.

The Boston Globe, CFO, the Chicago Tribune, the Financial Times, the Guardian, the New York Times, and the Wall Street Journal all also covered the unsealed indictment. The Feds claim that the cyberattacks were connected with illegal online casinos, payment processors for illegal drug suppliers, malware, an illegal Bitcoin exchange, and attempts to "artificially manipulate the price of certain stocks."

J.P. Morgan, online brokerages TD Ameritrade and Scottrade, and News Corp's Dow Jones unit all confirmed that they were victims of the alleged hacking conspiracy. 

Edited by: Neil Anderson, Managing Editor


Stay ahead of the news ... Sign up for our email alerts now
CLICK HERE

0.0
 Do You Recommend This Story?


GO TO: MFWire
Return to Top
 News Archives
2025: Q4Q3Q2Q1
2024: Q4Q3Q2Q1
2023: Q4Q3Q2Q1
2022: Q4Q3Q2Q1
2021: Q4Q3Q2Q1
2020: Q4Q3Q2Q1
2019: Q4Q3Q2Q1
2018: Q4Q3Q2Q1
2017: Q4Q3Q2Q1
2016: Q4Q3Q2Q1
2015: Q4Q3Q2Q1
2014: Q4Q3Q2Q1
2013: Q4Q3Q2Q1
2012: Q4Q3Q2Q1
2011: Q4Q3Q2Q1
2010: Q4Q3Q2Q1
2009: Q4Q3Q2Q1
2008: Q4Q3Q2Q1
2007: Q4Q3Q2Q1
2006: Q4Q3Q2Q1
2005: Q4Q3Q2Q1
2004: Q4Q3Q2Q1
2003: Q4Q3Q2Q1
2002: Q4Q3Q2Q1
 Subscribe via RSS:
Raw XML
Add to My Yahoo!
follow us in feedly


    Sorry, no records in the database matched your search parameters. Clich back and try again.



  1. MFDF webinar - Essential Strategies in Board Oversight of Operational Risk Management, October 14
  2. WE South - How to Trade an ETF, October 14
  3. 2025 MMI Annual Conference, Oct 15-17
  4. MFDF webinar - Series Trust Funds - Effective Board Relationships with Advisers, October 15
  5. Nicsa webinar - Board Considerations: Fiduciary Duties and Decision-Making In ETF Dual Share Adoption, October 15
  6. IMEA webinar - Rethinking Audience, Access, and Impact In Advisor-Facing Content, October 16
  7. WealthManagement.com webinar - Exploring the Longevity of the Manulife John Hancock/Boston Partners Collaboration, October 16
  8. WE Philadelphia - Fall Networking Happy Hour, October 16
  9. MFDF webinar - From Awareness to Assets: Why Marketing Matters for Registered Funds, October 21
  10. Nicsa webinar - ETF Dual Share Classes: Preparing For Operational Success, October 22
  11. Citywire Pro Buyer Los Angeles Retreat 2025, Oct 22-23
  12. MFDF webinar - Latest in Closed-End Funds Litigations, October 23
  13. Samfund Soiree Manhattan 2025, October 23
  14. Tiburon CEO Summit XLIX, Oct 27-29
  15. IDC Fund Directors Conference, Oct 27-29
  16. IMEA Leadership Planning Meeting, October 28
  17. IMEA Leadership Summit, Oct 28-29
  18. IMEA Rising Star luncheon, October 28
  19. IMEA Boutique Managers luncheon, October 28
  20. IMEA Philanthropic Day, October 28
  21. 2025 Sohn San Francisco Investment Conference, October 28
  22. Nicsa ALFI webinar - The Proposed New Luxembourg Carried Interest Regime: Elixir of Life for Luxembourg Investment Funds?, October 29
  23. Schwab Impact 2025, Nov 2-4
  24. UCITS & AIFMD for U.S. Managers 2025, Nov 4-5
  25. MFDF In Focus webinar - Audit Committee Chair, November 5
  26. IMEA Digital Marketing Roundtable, November 5




©All rights reserved to InvestmentWires, Inc. 1997-2025
14 Wall Street | 20th Floor | New York, NY 10005 | P: 212-331-8968 | F: 212-331-8998
Privacy Policy :: Terms of Use