The Dow Jones news ticker is shown Wednesday, Aug. 1, 2007 in New York's Times Square.Mark Lennihan/The Associated Press
A group of Russian hackers infiltrated the servers of Dow Jones & Co. Inc., owner of the Wall Street Journal and several other news publications, and stole information to trade on before it became public, according to four people familiar with the matter.
The Federal Bureau of Investigation, Secret Service and the Securities and Exchange Commission are leading an investigation of the infiltration, according to the people. The probe began at least a year ago, one of them said.
The breach is described by the people as far more serious than a lower-grade intrusion disclosed a week ago by Dow Jones, a unit of Rupert Murdoch's News Corp. The company said last week that it was working with a cybersecurity firm and law enforcement after learning that hackers had sought contact and payment information of about 3,500 customers.
It is unclear if the incursions are related. It was also unclear whether the company's newsgathering operations were affected in the insider-trading matter. Two of the people familiar with the investigation said the hackers sought information including stories being prepared for publication.
Information embargoed by companies and the government for release at a later time could be valuable to traders looking to gain an edge over other market participants, as could stories being prepared on topics like mergers and acquisitions that move stock prices.
Dow Jones publishes the Wall Street Journal and Barron's and provides information through a number of services including Dow Jones Newswires. Bloomberg LP, the parent of Bloomberg News, competes with News Corp. in providing financial news and services.
Colleen Schwartz, a spokeswoman for Dow Jones, didn't immediately respond to requests for comment.
Kelly Langmesser, a spokeswoman for the FBI New York office, confirmed the office is investigating a breach at Dow Jones but declined to comment further. Jim Margolin, a spokesman for the U.S. Attorney's Office for the Southern District of New York, declined to comment, as did spokesmen for the Secret Service and the SEC.
The hack investigation shows how quickly law enforcers are shifting to a new front in insider trading: cyberspace. Market– moving, nonpublic information used to trade hands in secret meetings. Hackers are now stealing sensitive information and selling it to traders. This new vulnerability in the financial markets is challenging law-enforcement officials who are trying to keep pace with cyber-criminals' rapidly evolving moneymaking schemes.
For would-be inside traders, business journalists and data providers are a rich target. Potentially market-moving scoops often develop in-house for days or weeks, promising intruders a long pre-publication window to mine information and execute trades. Data being held for public release at a specified time can also be a gold mine in markets where the profitably of a trade is determined in a fraction of a second.
Dow Jones says in its annual report that its Factiva service provides global business content to about 1.1 million active users. "More than 4,000 sources make information available via Factiva on or before the date of publication by the source," according to the report. Dow Jones Newswires publishes more than 16,000 news items each day to financial professionals and investors.
U.S. authorities are ramping up their pursuit of hackers after a series of high-profile attacks on corporations.
In August, federal authorities made several arrests in what they called a years-long scheme that fused insider trading and hacking. In that matter, Russian-speaking hackers working from Ukraine were indicted along with traders for siphoning more than 150,000 press releases, including corporate earnings containing data that could be used to anticipate stock market moves, prosecutors said.
Those hackers broke into the servers of PRNewswire Association LLC, Marketwired and Business Wire, a unit of Warren Buffett's Berkshire Hathaway Inc., over a five-year period, according to prosecutors. The group allegedly made more than $100-million in trades using unreleased earnings releases of companies such as Panera Bread Co., Boeing Co., Caterpillar Inc. and Oracle Corp., through retail brokerage accounts.
Information companies are regularly bombarded by hackers. When he disclosed the customer-data breach on Oct. 9, Dow Jones Chief Executive Officer William Lewis said the incursion was part of a "broader campaign involving a number of other victim companies." Dow Jones learned of the hack from law enforcement officials, Lewis wrote, saying it had determined its system was breached at times between August 2012 to July 2015 by hackers whose goal appeared to be gathering contact information for customers so it could send them fraudulent solicitations. The company said it had no direct evidence that information was stolen.
–With assistance from Chris Strohm in Washington and Gerry Smith in New York.