The Securities and Exchange Commission (SEC) and the Secret Service are investigating data breaches at about sixty companies in the biotechnology, medical instruments, hospital equipment and pharmaceutical drug fields that appear to have been going on since 2013. The information stolen in these data breaches appears to have been used by the hackers, who have been identified as FIN4 by the security company FireEye, which first uncovered the hacking last year, for purposes of insider trading. The hackers focused on executives within the targeted companies that had information about mergers and acquisitions as well as other information useful in predicting the movement of the stocks of these companies on the stock exchanges. Insider trading on non-public information that moves a stock’s price is illegal.
At this point in time we do not know whether the hackers are Americans or are launching the attacks from somewhere outside of the country. Although the evaluation and use of the precise information sought and stolen indicates that the hackers are quite sophisticated both in the health care industry and in financial markets, the manner by which the information was stolen was quite basic. They used phony Microsoft Outlook login pages to trick the targeted individuals into providing their user names and passwords. They would then view private emails and even, on some occasions interject themselves into email conversations in order to gather useful information. Although this is particularly troublesome, regulators should be able to identify who made trades at opportune times and ultimately find the hackers.