SEC Files Charges in Hacking Case Commission Says 4 Firms Unwittingly Helped Latvian Trader Gain Access to Brokerage Accounts By JEAN EAGLESHAM And ANDREW ACKERMAN U.S. securities regulators stepped up their battle against hackers Thursday, filing civil charges against four firms that allegedly became unwitting enablers of a complex fraud by a Latvian trader. In one of the first cases of its kind, the Securities and Exchange Commission took enforcement action against four U.S.-based electronic trading firms used by the trader as well as charging the alleged hacker himself. The SEC said Igors Nagaicevs, 34 years old, combined hacking with stock manipulation to execute a "brazen and systematic securities fraud" that netted him more than $850,000 in illegal profits. Mr. Nagaicevs couldn't be reached for comment Thursday. The SEC filed its action while he was still outside the U.S. and he has yet to be served with the charges, officials said. The SEC alleged that Mr. Nagaicevs hacked into the online brokerage accounts of customers at large U.S. broker-dealers more than 150 times between June 2009 and August 2010. Officials declined to disclose those broker-dealers targeted but said they had compensated their customers for the total of more $2 million lost due to the alleged hacking. Mr. Nagaicevs drove the prices of more than 100 stocks up or down by making unauthorized purchases or sales in the "hijacked" accounts, the SEC said. He profited from these artificial price movements by trading the stocks, using the "unfettered" anonymous access to the U.S. markets offered by four online electronic firms, the SEC said. Officials said the firms should have been registered as brokers but weren't, exposing "U.S. markets to real harm by evading crucial safeguards of the federal securities laws." The trading took place before the SEC last year implemented new rules governing the way broker-dealers allow their customers to trade on U.S. exchanges, which include heightened controls and monitoring of customers' activity. "This case should send a strong message to firms allowing individuals access to U.S. trading markets that they are expected to comply with rules that require such traders to be properly vetted," Sanjay Wadhwa, deputy chief of the SEC's market abuse enforcement unit, said in an interview. One of the four trading firms, Mercury Capital of La Jolla, Calif., and its president, Lisa Hyatt, agreed to settle charges. Richard Rizzo, an associate at Zanshin Enterprises LLC, of Boise, Idaho, another of the trading firms, also agreed to settle SEC charges, though his firm is contesting them. Ms. Hyatt and Mr. Rizzo each agreed to pay a $35,000 penalty, the SEC said. Mercury Capital, which will pay no penalty as part of its settlement, is no longer in business. A lawyer for Mr. Rizzo said the modest penalty agreed to by the SEC showed his client "never intentionally allowed the activities alleged against Mr. Nagaicevs." The two other trading firmsâAlchemy Ventures of San Mateo, Calif., and KM Capital Management of Philadelphiaâare also contesting the SEC's charges. A lawyer for KM Capital Management and its two co-owners declined to comment. Lawyers for the other firms and executives didn't return calls seeking comment. The SEC's lawsuit came the same day the Financial Industry Regulatory Authority, a self-regulatory organization that oversees broker-dealers, warned investors of e-mail hack attacks. "Finra has received an increasing number of reports involving investor funds being stolen by fraudsters who first gain access to the investor's email account and then email instructions to the firm to transfer money out of the brokerage account," the alert said. Finra warned investors to check their brokerage accounts for unauthorized transactions and to change their account login information such as their passwords. âJacob Bunge contributed to this article.
Can't be sure but could be the same Lisa Hyatt in La Jolla who was an ex-principal of Tuco and/or ex-manager at Ocean View Capital. There was a Richard Rizzo associated with Epiphany -- but I have no idea if it's the same guy.
connect the dots to this scam . the prop business has some shady characters View Lisa Hyatt's professional profile on LinkedIn. ... Lisa Hyatt. Managing Partner, Ocean View Capital. Location: Greater San ... Trader at OceanView Capital ... http://www.cboe.com/publish/DisDecision/11-0016 and 11-0020.pdf
NOT A SINGLE CANADIAN FIRM WAS CHARGED OR EVEN MENTIONED IN THIS ARTICLE. What's more ironic here: The firms being charged for unknowingly being an aid in stock manipulation? Or this article getting a new headline by SgtSlottter that manipulates people's sentiment toward completely unrelated companies? I wish I could punch you in the face through the internet SgtSlottter...
In rereading my previous post, the overall context of my above statement may have been unfair, and I regret posting it. Not only do I have no idea if it's the same guy, I also do not know if the Rizzo associated with Epiphany misbehaved in any way with respect to the collapse of that entity.
I don't know if this actually correlates with that argument you posted on the other thread. It seems as if some of the firms were taken advantage of. I believe it mentions that they paid some money back to their members or clients. The scheme seems to be orchestrated by some guy outside of the US...with terms like hacking and what not. Do you have a link to the article? Thanks
yes, but the point is, if these firms were registered as they were supposed to be, then maybe fraud could have been prevented in the first place.
Hardly. The problem suppsedl was that a hacker got access to account information and then manipulated stock prices by trading on behalf of remote traders of the companies. Basically he bought penny stocks, then "a lot of traders" on those companies pushed the price higher. Without ever doing so. Now, registered companies may have higher legal standard for IT, but at the end nothing will stop incompetence from slipping in, laziness or something like that. This is a new dimension so to say of "how to make money via fraud" and those companies were victims as much as their customers. They now refund the customers for losses for the trades that were never authorized in the first place. No regulation can stop that. Look how many times credit card information get stolen. Imagine someone geting ahold of access information for some online broker.... and voila, same desaster. Could happen Ebay and a ton of others. only harsh scrutiny protects.
Most idiotic and inaccurate reply to date. 1) First of all, Mercury Trading is a Canadian firm. I don't know about the rest. Read the SEC press releases and cases against them. 2) And I guess I manipulated the Wall Street Journal article headline? You credibility is kind of shot if you can't even use Google News. There is about 50 articles on the story, plus the SEC.gov news release site has the actual cases and the press releases. 3) You wish you could punch me through the internet? Seems like a cowardly threat. At lease you could desire to punch me face to face? Fact is, every time someone warns of something which requires further investigation, people like you start escalating the rhetoric but with no substance against it.
You are right about the IT and potential of the online brokers being victims when it comes to the actual registered broker dealers where the hacker stole the account info. No doubt, the clients of those firms will be returned their capital. I posted in the 'prop firm' section since I think there is a bigger point here. If you use a registered broker dealer, not an unregistered broker dealer, the CBOE or FINRA or PHLX require outside brokerage disclosure, monitoring of trades, compliance reporting, etc etc etc. Another one firms check daily is if a person does a high percent of volume in an individual symbol. Then they are supposed to review the trades and look for manipulation. If this was done through regular Registered BDs, this would have been over before it started. We all know regulation of stock trading isn't perfect even with registered BDs, but this would not have occured. Apparently this guy wasn't even documented ID wise with most of the entities he perpetrated the fraud through. He sure as hell knew to go to unregistered LLCs to do what he was doing. So basically, these companies which allowed this to happen cut corners and put their owners, companies, and traders at risk. If you put capital in one of these UNREGISTERED firms, and they can't pay their fines on their own, your money may be used to pay them. If you trade through one of these companies, you are really inviting trouble on yourself. Now we can add these companies to the to the list of people who got in trouble, which includes the likes of Tuco, Warrior Fund, Team Trading, Jasper Capital, and HLV. As much as I have been flagging some concerns on about a specific registered BD, I think everyone should consider that company over these. While no answers have been provided there on important questions, at least someone (the CBOE) is watching many aspects of their business and keeping some accountability. These Unregistered companies just have no accountability and can be exploited, raising the probability your money is at risk.