In October 2014, multinational banking and financial services company JPMorgan Chase & Co. revealed that private data about more than 76 million households and 7 million small firms had been compromised in a massive cyberattack. Information, including names, phone numbers, addresses, and email addresses, had been exposed by hackers and used for furthering other related operations. For instance, data was believed to have been used for sending spam emails to the stolen addresses.
On July 21, 2015, Israeli-based businessman Gery Shalon was arrested for allegedly being behind the major data breach. To many, Mr. Shalon is one of Israel’s richest entrepreneurs, involved in online trading, Internet gambling, and other related businesses. The businessman is now in an Israeli jail and is likely to spend quite some time behind bars. He is also facing possible extradition to the United States.
In November, US prosecutors unsealed a number of indictments, according to which Mr. Shalon was the mastermind behind a number of other cyberattacks as well. Allegations suggested that he and his main accomplices – Israeli citizen Ziv Orenstein and US citizen Joshua Aaron, who has been residing in Russia for some time and was not arrested, were all involved in a global operation that included illegal online casinos, unauthorized exchange of digital currency, and the provision of payment-processing services to people with criminal ties.
Earlier this year, it became clear that JPMorgan was not the only company to fall victim to a cyberattack. Hackers breached sensitive data about customers of other financial services enterprises and financial publishers.
In October, discount retail brokerage company Scottrade revealed that it had been informed by FBI officials that they had been investigating the alleged theft of client information. Scottrade said in a statement that the incident probably occurred late in 2013 or early in 2014 and resulted in names and street addresses being exposed to hackers.
American publisher and financial information firm Dow Jones & Co., known to be the owner of The Wall Street Journal, also admitted earlier this year that it may have fallen victim to a data breach. It said that card information for about 3,500 individuals may have been accessed in the period between August 2012 and July 2015. Dow Jones also told media that the cyberattack, if there had been one, had targeted certain contact information.
And as mentioned above, US prosecutors alleged that Mr. Shalon and his partners were involved in all three hacks as well as several other data breaches. The Israeli businessman is believed to have been orchestrating cyberattacks since 2012, accessing information about some of the biggest financial enterprises in the United States.
Mr. Shalon and his accomplices were accused of stealing personal information, such as names, addresses, and emails, of more than 100 million clients of the said financial companies. According to US prosecutors the pieces of information were used for various purposes, including false emails about penny stocks to the stolen addresses.
To be more precise, the Israeli businessman and his co-conspirators operated websites, through which they sent false information about penny stocks in order to boost their prices. Then they sold the said stocks to gain profits.
Yet, on the surface, Mr. Shalon was known to be involved in Weblogic Ltd., an Israeli-based Internet marketing firm, officially headed by Mr. Orenstein. The company was founded in 2009 and although Mr. Shalon was nowhere to be seen in the company’s documents, he was believed to be its actual owner. According to the unsealed indictments, the Israeli businessman and his partners were also involved in the provision of online gambling services and trading platforms.
However, according to US prosecutors, most of his companies operated illegal gambling sites in the United States, where such services were generally prohibited in 2006. Former employees of those companies have told investigators that those were located in offices in Ukraine and Kiev and were actively promoting their options to US-based customers.
Although Mr. Shalon was likely the mastermind behind the data breaches and the operation of the illegal gambling sites, he had done little hacking himself. According to a former legal case filed by the US Securities and Exchange Commission, the Israeli entrepreneur and his partner, Mr. Orenstein, had hired hackers to perform the data breaches.
Preet Bharara, US Attorney for New York’s Southern District, has charged Mr. Shalon and Mr. Orenstein. The attorney has called what the two Israeli businessman have created a “diversified criminal conglomerate” that generated illegal profits totaling millions of dollars. What is more, Mr. Bharara has described their endeavors as “the largest theft of customer data from a US financial institution in history.”
