A group of Russian hackers infiltrated the servers of Dow Jones & Co., owner of the Wall Street Journal and several other news publications, and stole information to trade on before it became public, according to four people familiar with the matter.
The Federal Bureau of Investigation, Secret Service and the Securities and Exchange Commission are leading an investigation of the infiltration, according to the people. The probe began at least a year ago, one of them said.
Dow Jones, in a statement, said: “Since Bloomberg published its article, we have worked hard to establish whether the allegations it contains are correct. To date, we have been unable to find evidence of any such investigation.” The breach is described by the people familiar with it as far more serious than a lower-grade intrusion disclosed a week ago by Dow Jones, a unit of Rupert Murdoch’s News Corp. The company said last week that it is working with a cybersecurity firm and law enforcement after learning that hackers had sought contact and payment information of about 3,500 customers.
It’s unclear whether the incursions are related. It’s also unclear whether the company’s news-gathering operations were affected in the insider-trading matter. Two of the people familiar with the investigation said the hackers sought information including stories being prepared for publication.
Kelly Langmesser, a spokeswoman for the FBI New York office, confirmed the office is investigating a breach at Dow Jones but declined to comment further. Jim Margolin, a spokesman for the Manhattan U.S. Attorney’s Office, declined to comment. Peter Carr, a spokesman for the Justice Department’s criminal division, also declined to comment, as did spokesmen for the Secret Service and the SEC.
The White House was briefed on the investigation and the FBI and SEC have spent months trying to determine exactly how the hackers could profit from what they took, consulting financial and market experts among other specialists, the people said. Information embargoed by companies and the government for release at a later time could be valuable to traders looking to gain an edge over other market participants, as could stories being prepared on topics like mergers and acquisitions that move stock prices.
Dow Jones publishes the Wall Street Journal and Barron’s and provides information through a number of services including Dow Jones Newswires. Bloomberg LP, the parent of Bloomberg News, competes with News Corp. in providing financial news and services.
The hack investigation shows how quickly law enforcers are shifting to a new front in insider trading: cyberspace. Market-moving, nonpublic information used to trade hands in secret meetings. Hackers are now stealing sensitive information and selling it to traders. This new vulnerability in the financial markets is challenging law-enforcement officials who are trying to keep pace with cyber-criminals’ rapidly evolving moneymaking schemes.
For would-be inside traders, business journalists and data providers are a rich target. Potentially market-moving scoops often develop in-house for days or weeks, promising intruders a long pre-publication window to mine information and execute trades. Data being held for public release at a specified time can also be a gold mine in markets where the profitably of a trade is determined in a fraction of a second.
Dow Jones says in its annual report that its Factiva service provides global business content to about 1.1 million active users. “More than 4,000 sources make information available via Factiva on or before the date of publication by the source,” according to the report. Dow Jones Newswires publishes more than 16,000 news items each day to financial professionals and investors.
Hacking for Tips
U.S. authorities are ramping up their pursuit of hackers after a series of high-profile attacks on corporations. In August, federal authorities made several arrests in what they called a years-long scheme that fused insider trading and hacking. In that matter, Russian-speaking hackers working from Ukraine were indicted along with traders for siphoning more than 150,000 press releases, including corporate earnings containing data that could be used to anticipate stock market moves, prosecutors said.
Those hackers broke into the servers of PRNewswire Association LLC, Marketwired and Business Wire, a unit of Warren Buffett’s Berkshire Hathaway Inc., over a five-year period, according to prosecutors. The group allegedly made more than $100 million in trades using unreleased earnings releases of companies such as Panera Bread Co., Boeing Co., Caterpillar Inc. and Oracle Corp., through retail brokerage accounts.
Information companies are regularly bombarded by hackers. When he disclosed the customer-data breach on Oct. 9, Dow Jones Chief Executive Officer William Lewis said the incursion was part of a “broader campaign involving a number of other victim companies.” Dow Jones learned of the hack from law enforcement officials, Lewis wrote, saying it had determined its system was breached at times between August 2012 and July 2015 by hackers whose goal appeared to be gathering contact information for customers so it could send them fraudulent solicitations. The company said it had no direct evidence that information was stolen. Earlier Russian-speaking hackers breached 97 websites.