Even while much of the Securities and Exchange Commission (SEC) is on furlough due to the US government shutdown, today the SEC announced charges against nine defendants for participating a hack into the SEC’s EDGAR system – the database that hosts all mandated securities filings. The ploy was to view sensitive financial data before it was published. The data was then to be used for illegal trading.
The SEC has charged a Ukrainian hacker and six individual traders in California, Ukraine, and Russia, plus two entities. The SEC added that the hacker and some of the traders were also involved in a similar scheme to hack into newswire services and trade on information that had not yet been released to the public.
The SEC alleges that after hacking the newswire services, Ukrainian hacker Oleksandr Ieremenko turned his attention to EDGAR and gained illicit access in 2016. After gaining access to nonpublic earnings results, the information was passed to individuals who would trade in the window between when the files were viewed and when the companies went public with their information.
The SEC said that in total the individuals traded off of at least 157 earnings releases from May to October 2016. The allegation is the perpetrators generated a minimum of $4.1 million in illegal profits.
The SEC alleges that the following traders received and traded on the hacked EDGAR information:
• Sungjin Cho, Los Angeles, California
• David Kwon, Los Angeles, California
• Igor Sabodakha, Ukraine
• Victoria Vorochek, Ukraine
• Ivan Olefir, Ukraine
• Andrey Sarafanov, Russia
• Capyield Systems, Ltd. (owned by Olefir)
• Spirit Trade Ltd.
“Today’s action shows the SEC’s commitment and ability to unravel these schemes and identify the perpetrators even when they operate from outside our borders.”
Enforcement Division Co-Director Steven Peikin added that the defendants used offshore accounts to place the trades in an attempt to cover their tracks:
“Our staff’s sophisticated analysis of the defendants’ trading exposed the common element behind their success, providing overwhelming evidence that each of them traded based on information hacked from EDGAR.”
The SEC alleged that Ieremenko circumvented EDGAR’s security controls to obtain nonpublic “test files,” which issuers can elect to submit in advance of making their official filings to help make sure EDGAR will process the filings as intended.
The investigation is ongoing.