Not all hackers out there are looking to steal your information and use it for personal gain. Rather than setting up sophisticated schemes to obtain website logins or get millions of credit card records and personal information from huge retail chains, some hackers preferred to read the news before you do.
And that early access to information is how some of them made millions.
According to The New York Times, hackers and their partners in the stock trading business made $100 million by reading press releases before they actually hit the news, and trading based on that information before everyone else got a chance to find out details about a company’s plans.
Hackers compromised various news sites, including Business Wire, PR Newswire and Marketwire, even after being detected and kicked out of their systems.
The Times tells the story of one particular hack involving people with connections to Eastern European hackers. Before Panera Bread announced quarterly earnings and guidance for the fourth quarter of 2013, traders who already knew the stock would tank after the news release came out shorted more than 100,000 shares of Panera stock. The scheme netted them just shy of $1 million in one afternoon.
Panera announced on October 22nd, 2013, that while its profit for the third quarter was in line with Wall Street’s expectations, the restaurant chain had to revise guidance downward for the Christmas quarter, as fewer people came to its restaurants, and food and labor prices were rising.
The press release was set to be issued after stock market trading closed at 4 p.m. that day. But two hours before that, traders who had knowledge of the announcement started shorting Panera stock.
The hackers who stole the press releases used SQL injections to compromise the security of the news sites and retrieve information stored in databases, such as unpublished statements. The information was then passed to traders who could make money from that information.