What happened in the JPMorgan hack?
Are you concerned about the security of your online data? Then you must have been alarmed by the news of the massive JPMorgan hack that resulted in a Russian hacker facing prison.
Learn more about what happened in this case – from how it was uncovered to why it was so disastrous – and discover what can prevent something like this from happening again.
Russian in Massive JPMorgan Hack Gets 12 Years in Prison
2015 was tumultuous for JPMorgan Chase, the largest bank in the United States. Russian computer hackers breached its networks that year, stealing data from over 75 million customers. The data included the customers’ names, addresses, phone numbers and account information. This event resulted in one of the largest cybercrime cases in years and has stark implications for companies developing a digital security infrastructure today.
This particular attack is unique due to its highly organized nature. The perpetrators formed what is believed to be a criminal organization of four people who conspired to commit a massive cyberattack, one that could have inflicted severe financial damage on banking systems worldwide had it continued unchecked. On Nov. 30, 2020, Anthony Murgio was sentenced to 12 years imprisonment after pleading guilty to 13 counts of wire fraud for his involvement in this massive criminal conspiracy.
Overview of the JPMorgan Hack
In 2014, a massive data breach at JPMorgan Chase & Co. compromised 76 million customer accounts and 7 million small business records. Following one of the largest known cyberattacks on a financial institution, U.S. law enforcement agencies were able to trace the source of the attack to Russian hacker Andrei Tyurin. On March 4, 2020, Tyurin was sentenced to twelve years in prison for his role in the data theft.
Tyurin worked with Israeli individuals from his homeland in Russia to carry out his plot against JPMorgan. Using sophisticated hacking techniques, they compromised many corporate systems and passwords within sensitive parts of JPMorgan’s network, as well as servers within 50 companies across six countries. During their widespread cyberattacks over several months, they accessed personal information such as names, emails, phone numbers, and account numbers connected to clients’ respective bank accounts at JPMorgan and other large financial institutions in New York City.
To further their devious plan, they sold or attempted to sell stolen information online while offering services such as instructions on how other hackers could access company databases remotely or methods for avoiding detection by security software programs being used by corporations worldwide. Other malicious attempts included using “phishing” tactics to obtain user names and passwords from unwitting victims to gain access to their private networks containing confidential account information without their knowledge or authorization.
Despite these domestic and international threats from criminals of two nations teaming up, law enforcement apprehended those responsible for this large-scale attack on one of America’s most respected banking institutions before any real damage occurred.
Details of the Hack
In 2014, a cybersecurity attack on the JPMorgan Chase bank compromised personal data of over 83 million customers and clients. The hackers had gained access to user names, email addresses, phone numbers, and physical addresses of the bank’s customers. The incident is one of the largest data breaches in US history and caused JPMorgan Chase to spend over $1 billion in response.
Initially, investigators identified three Russian nationals responsible for the attack – Andrei Tyurin, Vadim Polyakov, and Dmitriy Smilianets. In 2017 Tyurin pleaded guilty to accessing computer systems belonging to 77 companies using computers in countries worldwide. He specifically admitted invading JPMorgan’s network with malicious software. In October 2019 he was sentenced to 12 years in prison followed by five years of supervised release. He was also ordered to pay a $6.9 million fine. He forfeited 73 bitcoins ($548K), $19M worth of property that he accumulated with proceeds from this activity, and his interest in several other properties related to his hacking activities.
Moreover, Tyurin received additional penalties prohibiting him from engaging in any computer-related enterprise or owning unregistered firmware-level software often used for malicious purposes such as hacking over networks or through walls built around networks/computers by corporations/individuals for security purposes.
Impact of the Hack
In 2014, a hacker obtained confidential personal information of 76 million households and 7 million small businesses. The data included names, addresses, phone numbers, and email addresses. The hack was estimated to cost JPMorgan Chase around $500 million, making it the largest security breach of a financial services firm in U.S. history.
The hackers were all associated with the Russian cybercrime gang called “The Chill Room,” and Gery Shalon orchestrated the attack. Shalon is an Israeli-Russian organized crime boss who ran two major cybercrime empires using various malicious techniques to steal information from banks, brokerage firms and digital currency exchanges worldwide from 2012 to 2015.
The hack caused severe disruption among customers, who had to rush to refinance their business loans because fraudulent rewards cards and falsified bank accounts had been linked with their correct details revealed in the hack. Consequently, customers complained and lawsuits were filed demanding millions in compensatory damages for violations of privacy law as well as compensation for emotional distress, embarrassment and financial losses suffered by those targeted by fraudsters after the breach occurred.
Apart from the direct financial impact of the loss of trust between JPMorgan Chase and its customers, whose private information was exposed, there were also company-wide implications, such as the need to invest in system-level security measures and to upgrade existing technology infrastructure after the hack, which could have been done if timely security measures had been taken beforehand.
In the summer of 2014, an international group of cyber criminals breached the networks of JPMorgan Chase and Co., a global financial services firm. The attack used malware to steal over eighty million accounts from several other companies. As it turned out, Andrei Tyurin, a Russian national, was part of the criminal organization involved in this hack.
In October 2018, Tyurin was arrested in Georgia and extradited to New York where he pleaded guilty to four counts related to his involvement in the attack on JPMorgan Chase. Tyurin had used advanced scanning tools and methods to identify vulnerable systems within JPMorgan’s computer networks. He then used malware injection techniques to infiltrate computers and install malicious software enabling remote access to company databases across five other companies. Through these intrusions, he stole personal information regarding customers’ account numbers and passwords, which he sold for around $19 million worth of Bitcoin or cash from a buyer in Russia or Eastern Europe. To conceal his activities from law enforcement agents, Tyurin used virtual private networks (VPNs) as well as Tor routers during his actions.
On October 24th, 2019, Tyurin was sentenced by U.S. District Court Judge Deborah Batts to twelve years in prison for his involvement in the massive data breach at JPMorgan Chase that not only resulted in millions of dollars’ worth of customer data being stolen but also put the security and privacy of millions at risk worldwide. In addition to being sentenced to twelve years and six months with three years of supervised release following his incarceration period, Tyurin has also been ordered by the court to pay an additional fine totaling $19 million; restitution payments have been set at USD 19 billion. This total is meant to cover all damages related to this security breach.
Sentencing of the Russian Involved
On April 13th, 2020, Andrei Tyurin, a 36-year-old Russian man, was sentenced to 12 years in federal prison for hacking into JPMorgan Chase & Co.’s computer network. Tyurin pled guilty in November 2018 to participating in a massive security breach of the bank’s computer systems between 2012 and 2015.
Tyurin had been involved in the Canadian dark web crime fraternity “Flower Globe” with other associates who hacked into the networks of twelve large financial companies based in New York and elsewhere. He was also alleged to have sold stolen credit card information from large-scale hacks on online marketplaces. One such marketplace is Galaxy, a small online black market where cybercriminals could buy personal data and malware. He stole 76 million customer records from J.P. Morgan and some 7 million from E*Trade Financial Corp.
The personal data taken was reportedly used to stock other cybercriminals’ own fraudulent “card shops,” which are automated websites used by criminals on dark web markets such as AlphaBay (now defunct) and Dream Market (shut down earlier this month). These card shops stored data obtained through identity theft or bank account breaches targeting banks worldwide, referring customers back to these criminal sites via password-protected forums to purchase stolen financial credentials for profit by criminals who use this data for fraud activities.
Tyurin distributed more than 11 million stolen payment cards through his criminal activities between 2011-15 alone. He bears responsibility for $19 million worth of losses incurred by his actions over the four years leading up to his arrest on November 8th, 2017, at John F Kennedy Airport in New York City, after he was deported from Germany, where he had been living since July 2016, following an Interpol red notice issued against him on behalf of U.S. law enforcement agencies.
Aftermath of the Hack
On August 15, 2019, it was reported that 35-year-old Andrei Tyurin of Moscow was sentenced to 12 years in prison for playing a role in the massive 2014 JPMorgan Chase hack. He is the first person to be sentenced in this case, out of a group of eight foreign nationals from several Eastern European countries who have been charged.
The hack is believed to have affected over 100 million customers and compromised 76 million households and seven million small businesses. It allowed for the theft of email addresses and passwords and financial information such as bank balances and card numbers.
The breach also extended to companies affiliated with Chase such as a casino company and at least four other financial services corporations. Reportedly, more than $100 million had been stolen from banks throughout the U.S., primarily through ATM cash withdrawals worldwide and purchases made with stolen credit/debit cards.
Tyurin pleaded guilty after making his initial appearance before U.S. District Judge Katherine Parker, stating, “I thought what I was doing was legal.” He added, “Yes, I accept responsibility,” while speaking in Russian through an interpreter assigned by the judge during his plea hearing on April 11th, 2019. As part of his plea agreement he forfeited all assets obtained while engaging in criminal activities related to this case, including cash proceeds, two Picasso paintings worth over $1 million each, and four pieces by other artists worth $750K collectively.
In addition, Tyurin agreed to pay restitution to affected persons for all losses suffered due to his actions, amounting to approximately 19 million dollars, which will be paid over time or upon his release from prison based on the sentencing recommendation under federal judge Parker’s arrangement.
In conclusion, Andrei Tyurin, a Russian hacker linked to the compromise of JPMorgan Chase and other large U.S. financial institutions, was sentenced to 12 years for his crimes. This sentencing marks the latest in a series of Federal prosecutions related to this massive cybersecurity incident from 2014-2015.
In addition to his 12-year prison sentence, he was forced to pay restitution amounting to millions of dollars in damages from the hack of over 80 million customer accounts. In his plea agreement with the US Department of Justice attorneys, he admitted that he helped use malware and phishing attacks as part of complex schemes designed to identify vulnerabilities and exploit them for financial gain.
As online threats evolve and become increasingly sophisticated, this case serves as a reminder that everybody from major corporations and governments down to individual citizens must remain vigilant regarding cybersecurity protections.