Federal prosecutors in New York announced [press release] Tuesday that they are expanding criminal charges [indictment, PDF] against the three individuals responsible for orchestrating a massive computer hack against financial institutions, brokerage firms and financial news publishers. Gery Shalon, Joshua Aaron and Ziv Orenstein allegedly hacked JP Morgan Chase and 11 other companies including Dow Jones. They reportedly stole over 100 million customers’ names and e-mail addresses, making this the largest theft of customer data in US financial sector history. Due to the scale of the hacking, the three men were also able to operate other illegal activities including: illegal Internet casinos, payment processing services for other criminals and an unlicensed bitcoin exchange. Prosecutors are pursuing the extradition of Orenstein and Shalon, who are currently in the custody of the Israeli police. The three hackers are charged with 23 counts, including securities fraud, wire fraud, aggravated identity theft, identification document fraud conspiracy and money laundering conspiracy. The Securities and Exchange Commission (SEC) is also pursuing separate civil charges against the three men in response to a “pump and dump” scheme where they allegedly artificially inflated [WSJ report] penny stock prices, e-mailed JP Morgan customers suggesting they purchase these stocks, then sold their stocks for a massive profit.
Due to cybercrime’s international reach, many countries have recently began to implement specific laws pertaining to the Internet and cyberspace. In August the SEC indicted [JURIST report] an international web of hackers and traders who allegedly stole information from press releases prior to publication and traded on said information, making over $100 million in illegal profits. In July 2014 police arrested seven individuals [JURIST report] on charges connecting them to an international group that defrauded the online ticketing service StubHub of approximately $1.6 million. In February 2014 the Philippines high court upheld [JURIST report] its Cybercrime Prevention Act of 2012, which combats various online crimes such as hacking, identify theft, child pornography and libel. In April 2013 the US House of Representatives passed [JURIST report] the controversial cybersecurity bill known as the Cyber Intelligence Sharing and Protection Act (CISPA) [text, PDF] which was designed as a way to stop cyber attacks on US infrastructure as well as private