The group was able to breach at least two different high-profile law firms based in New York, which the DoJ has neglected to name. Reuters, however, suggests that Cravath, Swaine & Moore LLP and Weil, Gotshal & Manges LLP may have been the targets. The Wall Street Journal also mentions those two outfits, although notes that spokespeople for both declined to make any public comment. The hackers also attempted to breach several other firms, although their attacks were apparently unsuccessful.
The story, as the DoJ tells it, begins with an unnamed company that enlisted lawyers to look at a deal to buy Intermune. A senior partner in the firm was tasked with examining the pharmaceutical business in the hope of deciding upon a purchase price. Shortly afterward, 40GB of files were stolen from servers, which included detailed financial breakdowns and the suggested share price. The trio began buying Intermune stock, securing 18,000 shares in the company, although that deal subsequently foundered. Not long after, however, pharmaceuticals giant Roche AG purchased Intermune for a reported $8.3 billion -- netting the trio $380,000 in profit.
Those same lawyers are believed to have been retained by Intel in advance of its $16.7 billion acquisition of rival chipmaker Altera. The hackers, once again, used 2.8GB of illegally-obtained information which included the purchase price and terms of the deal. They subsequently purchased 210,000 shares in Altera, which netted them a profit of around $1.4 million when the deal was announced.
Another deal that the hackers were apparently able to learn about in advance was Pitney Bowes' purchase of Borderfree Inc. That required hacking a second law firm with illegally-obtained login details of one of the firm's employees. In that deal, the trio was able to score a profit of $841,000. The DoJ also mentioned several other instances of insider trading, but declined to offer any more information
Given the apparent ease of obtaining the data and the obvious rewards that are on offer, this is not likely to be an isolated incident. Cybersecurity is going to be a much bigger issue in 2017 as hackers become more sophisticated -- not to mention politicized.