JP Morgan hit by largest hack of customer data

Shalon – an Israeli citizen who also went by the names Garri Shalelashvili, Phillipe Mousset and Christopher Engeham – directed hacks to further his market-manipulation and Internet gambling schemes, the indictment said.

The indictment against Shalon, Orenstein and Aaron includes counts of computer hacking, securities fraud, wire fraud, identity theft, illegal internet gambling and conspiring to commit money laundering.

The Feds say the defendants are responsible for hacking into JP Morgan Chase previous year and obtaining access to more than 80 million customer accounts.

Tuesday’s charges expand a case first announced in July, and according to U.S. Attorney General Loretta Lynch target “one of the largest thefts of financial-related data in history”. Asked, “In Israel, you guys probably don’t have to be afraid of the United States of America… meaning that even if there is a few case, they won’t be able to do anything?”

Based on the charges, each of the three men indicted will face decades behind bars if convicted. Aaron, 31, a US citizen who lives in Moscow and Tel Aviv, remains at large and is the subject of an Federal Bureau of Investigation “wanted” poster.

Among the various schemes alleged in the indictment, the defendants used the stolen data to send emails in an effort to artificially pump up the prices of certain “penny” stocks – a so-called “pump and dump” operation.

A lawyer for Orenstein did not immediately return a message seeking comment. They say there were also attacks against several other financial institutions, financial services corporations and financial news publishers. A few of the institutions weren’t named in Tuesday’s indictment. The indictment mentions an unnamed co-conspirator who allegedly helped Shalon and the others to hack into systems and install malware that provided them with “persistent access”.

The scheme ran from 2012 to mid-2015. After the stock price was inflated, members of the conspiracy would sell off their shares and rake in huge profits. The hackers stole the personal information of over 100 million customers across the companies.

The suspects are thought to have used more than 200 fraudulent identification documents, including 30 false passports, to control at least 75 shell companies as well as numerous bank and brokerage accounts around the world.

JPMorgan Chase confirmed yesterday that it had been attacked and said that it was co-operating with law enforcement officials “in bringing the criminals to justice”. Data breaches are information-gathering expeditions that yield sensitive data that’s extremely valuable to criminals.

A fourth man, Anthony Murgio, 31, from Florida, USA, was also arrested on charges of illegal Bitcoin exchanges. They are charged in a scheme to hack into E-Trade Financial Services Corp. and Scottrade Financial Services Inc.to steal personal information from millions of customers with the intent to build their own securities brokerage.