A British hacker accused of orchestrating a $3.75m insider trading scheme has been charged in the US.
Robert Westbrook, 39, allegedly gained unauthorized access to corporate executives’ email accounts to profit from confidential financial information.
US authorities arrested Westbrook last week in London, and he is awaiting extradition to face multiple charges, including securities fraud and wire fraud.
Between January 2019 and May 2020, Westbrook is said to have hacked into the Microsoft Office 365 accounts of executives at five US companies.
According to court documents, he used this access to gather non-public earnings information, which he then used to make trades before the companies’ announcements, resulting in significant profits.
Authorities claim that Westbrook repeatedly implemented auto-forwarding rules to send emails from the compromised accounts to his own. He also took several steps to hide his identity, including using VPN services, anonymous email accounts and cryptocurrency.
The US Securities and Exchange Commission (SEC) has filed a civil complaint against Westbrook, while the Department of Justice (DoJ) has initiated criminal proceedings.
“The SEC is engaged in ongoing efforts to protect markets and investors from the consequences of cyber fraud,” warned Jorge G. Tenreiro, acting chief of the SEC’s Crypto Assets and Cyber Unit.
“As this case demonstrates, even though Westbrook took multiple steps to conceal his identity – including using anonymous email accounts, VPN services and utilizing bitcoin – the Commission’s advanced data analytics, crypto asset tracing and technology can uncover fraud even in cases involving sophisticated international hacking.”
Read more about How to Address Shortcomings in API Security
If convicted, Westbrook faces severe penalties. Each security and wire fraud charge carries a maximum prison sentence of 20 years, while each count of computer fraud could add five years. He could also be required to pay millions in fines and may be permanently barred from trading securities.
Source: Infosecurity Magazine
Latest Posts:
- #CyberMonth: Software Updates, A Double-Edged Sword for Cybersecurity Professionals
Software updates are critical in protecting systems from cyber threats and providing new and improved functionality to software products. They are necessary to patch vulnerabilities that can be exploited by malicious actors, ensuring that systems remain secure. Software updates are one of the four pillars of the 2024 International Cybersecurity Awareness Month campaign. As part … - Universal Music Group Admits Data Breach
Universal Music Group (UMG), one of the world’s largest music corporations, disclosed a data breach in mid-July 2024. According to a filing with the Maine Attorney General’s Office, the breach may have exposed the personal information of 680 US residents. In the filing, UMG said it detected unauthorized activity in one of its internal applications on July 15, … - Sellafield Fined for Cybersecurity Failures at Nuclear Site
Sellafield Ltd. has been fined £332,500 ($437,440) for cybersecurity failures at the Sellafield nuclear facility in Cumbria, North-West England. Westminster Magistrates Court issued the fine following a prosecution brought by the Office for Nuclear Regulation (ONR), the UK’s independent nuclear regulator. Sellafield Ltd has also been ordered to pay prosecution costs of £53,253.20 ($70,060). The offences …