BREAKING STORY: FULL TEXT DOJ Indictment and SEC Complaint In Law Firm Email Hacking Insider Trading Cases

December 27, 2016

Preet Bharara, the United States Attorney for the Southern District of New York, and William F. Sweeney Jr., the Assistant Director-in-Charge of the New York Field Office of the Federal Bureau of Investigation ("FBI"), announced the arrest of IAT HONG and the unsealing today of a 13-count superseding indictment charging HONG, BO ZHENG, and CHIN HUNG (the "Defendants").  The Defendants are charged with devising and carrying out a scheme to enrich themselves by obtaining and trading on material, nonpublic information ("Inside Information"), exfiltrated from the networks and servers of multiple prominent U.S.-based international law firms with offices in New York, New York (the "Victim Law Firms"), which provided advisory services to companies engaged in corporate mergers and acquisitions ("M&A transactions").  The defendants targeted at least seven law firms as well as other entities in an effort to unlawfully obtain valuable confidential and proprietary information.  HONG, a resident of Macau, was arrested on these charges on December 25, 2016, in Hong Kong and is now pending extradition proceedings.  HONG was presented for an initial appearance on December 26, 2016, before a Judge in Hong Kong and is expected to have his next court appearance on January 16, 2017.


SEC Civil Complaint:


The Securities and Exchange Commission today charged three Chinese traders with fraudulently trading on hacked nonpublic market moving information stolen from two prominent New York-based law firms, racking up almost $3 million in illegal profits. The SEC is also seeking an asset freeze that prevents the traders from cashing in on their illicit gains. Today's action marks the first time the SEC has charged hacking into a law firm's computer network.

The SEC's complaint alleges that Iat Hong, Bo Zheng, and Hung Chin executed a deceptive scheme to hack into the networks of two law firms and steal confidential information pertaining to firm clients that were considering mergers or acquisitions.

According to the SEC's complaint, the alleged hacking incidents involved installing malware on the law firms' networks, compromising accounts that enabled access to all email accounts at the firms, and copying and transmitting dozens of gigabytes of emails to remote internet locations. Defendants Hong and Zheng in particular coveted the emails of attorneys involved in mergers and acquisitions, as they exchanged a list of partners who performed the work at one of the law firms prior to the hack at that firm. . .