A 39-year-old British hacker, Robert Westbrook, has been charged in the US for allegedly orchestrating a $3.75 million insider trading scheme. Westbrook is accused of gaining unauthorized access to corporate executives’ email accounts to profit from confidential financial information.
US authorities arrested Westbrook in London last week, and he is currently awaiting extradition to face multiple charges, including securities fraud and wire fraud. The alleged hacking incidents took place between January 2019 and May 2020, during which Westbrook reportedly hacked into the Microsoft Office 365 accounts of executives at five US companies.
Court documents reveal that Westbrook used the access to gather non-public earnings information, which he then utilized to make trades before the companies’ announcements, resulting in substantial profits. Authorities claim that Westbrook implemented auto-forwarding rules to send emails from the compromised accounts to his own, while also taking steps to conceal his identity by using VPN services, anonymous email accounts, and cryptocurrency.
The US Securities and Exchange Commission (SEC) has filed a civil complaint against Westbrook, with the Department of Justice (DoJ) initiating criminal proceedings. Jorge G. Tenreiro, acting chief of the SEC’s Crypto Assets and Cyber Unit, emphasized the SEC’s commitment to protecting markets and investors from cyber fraud. He highlighted the Commission’s advanced data analytics and technology in uncovering fraud cases, even those involving sophisticated international hacking.
If convicted, Westbrook faces severe penalties, including a maximum prison sentence of 20 years for each securities and wire fraud charge, with an additional five years for each count of computer fraud. He may also be required to pay millions in fines and could face a permanent ban from trading securities.
The case serves as a stark reminder of the risks posed by cyber threats in the financial sector, underscoring the importance of robust cybersecurity measures to safeguard sensitive information and prevent unauthorized access. As the investigation unfolds, authorities continue to work towards holding perpetrators of cyber fraud accountable for their actions.