The Russian Hack of the EDGAR

A few years ago Ukranians hacked EDGAR to obtain nonpublic earnings information and used that information to trade stocks. The hackers made about $1.4 million and spread that information to associates for about $4.1 million in total profit. Now a bigger hacking plot has been discovered and it has bigger international implications.

The Securities and Exchange Commission brought fraud charges against five Russian nationals for engaging in a multi-year scheme to profit from stolen corporate earnings announcements obtained by hacking into the systems of two U.S.-based filing agent companies before the announcements were made public. These companies helped to “Edgar-ize” documents for filing in the EDGAR system. It looks like the SEC did a good job of securing its systems. This private provider did less so.

It was more lucrative. The SEC claims that the hacking group made over $80 million in profits. Maybe they made better use of the information than the Ukrainians did in their plot. Or maybe the five Russians had more capital.

The Russians hacked into the providers’ public company clients’ filings include, among other things, Forms 8-K and related exhibits, which consist of press releases containing the public companies’ earnings announcements. The Providers’ public company clients can use the platforms to create, edit, and submit their filings to the SEC through the EDGAR filing system. The weak security was at provider instead of the main database.

It looks like the hackers were not just hacking the SEC filings. Some of the five are implicated in the alleged hacking around the 2016 election.

One of them was just scooped up in Switzerland and has been extradited back to the United States for charges. Vladislav Klyushin. He had flown to Switzerland for a ski vacation at the Zermatt ski resort. It looks like US intelligence learned of the travel and had the Swiss pick up Klyushin at the airport. Russia and the US fought over extradition, with the US eventually winning and putting him on plane to face charges.

The five hackers worked at a Russian information technology firm called M-13 that specialized in penetration testing and other services. Looks like they were wearing white hats and black hats.

Sources:

Author: Doug Cornelius

You can find out more about Doug on the About Doug page

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.