The United States Securities and Exchange Commission (“SEC”) recently brought fraud charges against 32 defendants for taking part in a scheme to profit from stolen nonpublic information. The SEC alleges that the scheme involved hacking into newswire services to steal information from news releases that had not yet been released to the public. As a result, the defendants were able to trade securities based on the stolen nonpublic information and generate more than $100 million in illegal profits. The SEC’s complaint seeks a final judgment ordering the defendants to pay civil penalties, return their ill-gotten gains with prejudgment interest, and be subject to permanent injunctions from future violations of the antifraud laws.
This case highlights specific cybersecurity concerns for public companies and emphasizes the importance of safeguarding confidential information for companies and third parties that have access to nonpublic information. Given the magnitude of the illegal profits in this case, there is a risk that others will try to profit from similar schemes in the future. Therefore, public companies and their service providers may want to revisit their cybersecurity practices to help prevent future attacks.