JPMorgan Chase Hack Could Be Connected to Stock, Bitcoin Schemes (July 22, 2015)
Last year’s cyberattack on JPMorgan Chase may have been part of a scheme to manipulate stock prices rather than to steal personal financial data, according to a new report. Federal authorities arrested four men in Florida and Israel this week in connection with an ongoing “pump-and-dump” scam, in which the suspects allegedly convinced investors to buy certain stocks, thereby driving up prices; the scammers then would sell their own shares at the artificially inflated prices. According to a report by the New York Times, at least some of the men involved in the scheme had a hand in the JPMorgan hack, which compromised the names, addresses, email addresses and phone numbers of 83 million bank customers, making it the largest such breach on record.
At the time, it was widely speculated that the data obtained in the breach could be used for identity theft and other financial fraud. But the Times—citing sources close to the investigation—reported that the aim may have been much simpler. The source said he believed the defendant intended to use email addresses obtained in the breach to identify new targets for the pump-and-dump scheme, which dates back to 2011. At the time of the attack, JPMorgan said no customer financial information or Social Security numbers were compromised in the hack.
Two of the men arrested were accused of running an illegal money-transfer operation that enabled cybercriminals to convert bitcoin into cash. It was unclear if that operation was connected to the JPMorgan hack. Both the stock manipulation and bitcoin scams were discovered after authorities began investigating the four men arrested this week—along with a fifth man who’s still at large—in connection with the attack on JPMorgan. Prosecutors are hoping to use the evidence connected to the two fraud schemes to bring charges for the cyberattack as well, the Times said.