Skip to main content
Press Release

Three Charged with Hacking into E*Trade and Scottrade in Massive Data Breach and Identity Theft Scheme

For Immediate Release
U.S. Attorney's Office, Northern District of Georgia

ATLANTA – Three individuals were charged in an indictment unsealed today with an international scheme to hack into E*TRADE Financial Services Corporation and Scottrade Financial Services, Inc. to steal sensitive personal identifying information from millions of customers and build their own securities brokerage using the companies’ proprietary databases.

“The massive scale of these data breaches is staggering. But the methods and goals of this scheme are all too familiar and highlight the critical threat that cyber-crime poses to our nation’s economic security,” said U.S. Attorney John Horn. “The indictment alleges that the defendants launched sophisticated cyber-attacks against financial institutions and stole personal identifying information of millions of customers. The charges announced today send a clear message that international borders will not impede our efforts to prosecute cyber-criminals who seek to breach our computer networks.”

J. Britt Johnson, Special Agent in Charge, FBI Atlanta Field Office, stated, “This investigation, and the charges announced today, clearly illustrates that the FBI and its partners will not tolerate attacks of any kind on our nation’s financial infrastructure, and will continue to pursue those responsible as part of our collective effort to protect our citizens’ personal information. While corporations that hold our citizens’ data continue to be the targets of the evolving cyber threat, they are also the key to defeating it. This investigation is a prime example of how collaborative efforts between the public and private sector lead to tangible results in the fight against digital crimes.”

According to the indictment unsealed today: Between November 2012 and August 2014, Gery Shalon, a/k/a/ Garri Shalelashvili, Joshua Samuel Aaron, and an unidentified third hacker conspired to hack into the computer networks of financial institutions and media companies to steal customer data. In online chats, Shalon and the hacker discussed their plan to use the stolen customer contact information to build their own brokerage database for marketing stocks to potential investors, boasted about their early success in “cold-calling” investors, and expressed hope that a bank would pay to acquire their database.

The indictment alleges that Shalon directed the hacker to breach companies with large customer databases of investors, including E*TRADE and Scottrade, and the hacker infiltrated their networks using sophisticated hacking techniques. In late November 2013 and early December 2013, the hacker breached Scottrade’s network and E*TRADE’s network using overseas servers provided by Shalon. After gaining a foothold in both networks, the hacker asked Shalon for the login credentials of a customer account at both companies in order to locate their customer databases. In response, Aaron provided Shalon with login credentials that Aaron wrongfully obtained from a United States victim, including the victim’s username and password, and Shalon sent the information to the hacker.

The indictment alleges that, using the victim’s login credentials, the hacker located E*TRADE’s and Scottrade’s customer databases. Shalon and the hacker discussed the personal identifying information information visible in the databases, and at Shalon’s direction, the hacker exported stolen customer data, including names, residential addresses, phone numbers, and email addresses, to an overseas server provided by Shalon.

In total, the defendants compromised customer databases containing the personal information of more than 10 million customers of E*TRADE and Scottrade alone.

A federal grand jury in Atlanta, Ga., returned a 10-count sealed indictment against Shalon, Aaron, and the third hacker on October 27, 2015.  The indictment was unsealed today.  The indictment charges them with one count of conspiracy to commit wire fraud, three counts of wire fraud, one count of conspiracy to commit computer fraud, two counts of computer fraud, and three counts of aggravated identity theft. Shalon, 31, a resident of Israel, was arrested by Israeli law enforcement in Savyon, Israel on July 21, 2015, and remains in custody in Israel, where extradition proceedings are pending. Aaron, 31, a United States citizen and resident of Israel, is not in custody.

Members of the public are reminded that the indictment contains only allegations. A defendant is presumed innocent of the charges, and it will be the government’s burden to prove the defendants’ guilt beyond a reasonable doubt at trial.

This case is being investigated by the Federal Bureau of Investigation with valuable assistance provided by the New York Field Office of the United States Secret Service. E*TRADE and Scottrade cooperated fully in the investigation. Foreign law enforcement partners also made significant contributions to the investigation, including the exceptional support and cooperation provided by the National Cyber Unit of the Israel Police. Valuable assistance also was provided by the Criminal Division’s Office of International Affairs and the U.S. Attorney’s Office for the Southern District of New York.

Assistant United States Attorney Nathan P. Kitchens is prosecuting the case.

For further information please contact the U.S. Attorney’s Public Affairs Office at USAGAN.PressEmails@usdoj.gov or (404) 581-6016.  The Internet address for the home page for the U.S. Attorney’s Office for the Northern District of Georgia Atlanta Division is http://www.justice.gov/usao/gan/.

Updated November 13, 2015

Attachment