Russian Hackers suspected for the intrusion of Dow Jones systems

Bloomberg states that the ongoing investigation conducted by US authorities was probing allegations that there is a Russian gang behind the Dow Jones hack.

Dow Jones has provided further information on the data breach that the company has recently suffered.

A week ago, the CEO of Dow Jones & Co disclosed the incident confirming that 3,500 people were affected.

The Dow Jones firm confirmed it discovered unauthorized access to its customer payment system that occurred between August 2012 and July 2015.

The investigators believe that the attackers were searching for contact information of current and former Dow Jones subscribers, whom records include name, addresses, email addresses, and phone numbers.

“As part of the investigation to date, we also determined that payment card and contact information for fewer than 3,500 individuals could have been accessed, although we have discovered no direct evidence that information was stolen. We are sending those individuals a letter in the mail with more information about the support we are offering. If you do not receive such a letter, we have no indication that your financial information was involved,” the letter states published by the Dow Jones Chief Executive William Lewis .

Yesterday Bloomberg reported that the ongoing investigation conducted by the FBI, US financial watchdog the SEC, and America’s Secret Service were probing allegations that there is a Russian criminal ring behind the attack. According to the investigators, the Russian gang was financially motivated, the hackers search for unpublished financial data and news articles and press releases from the Dow Jones computers to get an edge on the market. Attackers are now stealing sensitive information and selling it to traders and operators in the industry.

“A group of Russian hackers infiltrated the servers of Dow Jones & Co., owner of the Wall Street Journal and several other news publications, and stole information to trade on before it became public, according to four people familiar with the matter.” states Bloomberg Business.

“The Federal Bureau of Investigation, Secret Service and the Securities and Exchange Commission are leading an investigation of the infiltration, according to the people. The probe began at least a year ago, one of them said.”

Anonymous sources reported to Bloomberg that the intrusion into the Dow Jones systems may have happened over a year ago.

“To the best of our knowledge, we have received no information from the authorities about any such alleged matter, and we are looking into whether there is any truth whatsoever to this report by a competitor news organization,” said Colleen Schwartz, VP of communications at Dow Jones. 

Systems managing trading information are privileged targets for criminal organizations, in August the US authorities dismantled Insider Trading Ring Nets $100M. Law enforcement identified and arrested members of an international gang of hackers and stock traders specialized in the theft of trading info.

The Department of Justice charged a group of nine hackers and stock traders in a criminal conspiracy with making more than $30 million in illegal trades based on exfiltrated data.

At the same time a civil case from the US Securities and Exchange Commission citing 32 defendants which made over $100 million in illicit profits.

The investigators discovered that two Ukrainian hackers breached computers of Marketwired, PR Newswire and Business Wire, which provides press releases specialized in trading.

The hackers launched sophisticated cyber attacks against the media agencies stealing some 150,000 press releases from February 2010 through this year.

Pierluigi Paganini

(Security Affairs – insider trading, Dow Jones)