Recently, according to multiple Taiwanese media reports, the trading systems of many securities firms, including Yuanta Securities, Taiwan’s leading securities firm, are suspected of being compromised.hackerIn the "credential stuffing attack", a large number of customers' securities accounts were automatically "placed" to buy Hong Kong stocks in batches. Among them, some investor accounts passively bought Deep Blue Technology Holdings (01950.HK). The stock price suffered a flash crash that day, with a single-day drop of as much as 33%.
Subsequently, the Taiwan Securities and Futures Bureau confirmed that it had indeed received notifications from some brokerages that customers' accounts had been stolen and they automatically placed orders to buy Hong Kong stocks. Some investors even said: "I was deducted more than NT$300,000 for buying Hong Kong stocks." At the same time, many investors replied that they passively placed orders to buy Deep Blue Technology Holdings (01950.HK). It is worth mentioning that on November 25, Deep Blue Technology’s stock price plummeted, with a single-day drop of as much as 33%.
Yuanta Securities stated that Yuanta has always attached great importance to customers’information security, after proactively discovering a suspected abnormal Hong Kong stock entrustment at about 3:00 pm on November 25, 2021, we were worried that it was a Hong Kong stock fraud case. Therefore, after contacting some customers to confirm that the transactions were not my own, in order to ensure the rights and interests of the customers, we urgently took measures to personally Starting from 3:45 on the same day, the acceptance of re-entrusted electronic transactions will be suspended and orders will be accepted manually.
Yuanta Securities repeatedly emphasized in its statement that Yuanta Securities is currently investigating the relevant reasons and will do its best to ensure the rights and interests of customers. Customers should rest assured.
In addition, some investors revealed that they had previously received a call from a Yuanta salesperson requesting to change the password of their securities account. Not only that, Yuanta Securities issued an announcement on the afternoon of November 26 that due to an abnormality in the multiple entrustment electronic trading system, it would suspend the multiple entrustment electronic trading of Action Wizard. This also made investors suspect that there was a problem with the fund security of Yuanta Securities. .
At the same time, Yuanta Securities recommended in the announcement that investors change their account passwords from time to time and avoid logging in through third-party platforms to reduce the risk of password leaks.
Yuanta Securities, which was targeted by hackers this time, has a strong background. It is the largest comprehensive securities firm in Taiwan, with 4,860 employees. Its business covers brokerage, proprietary trading, investment banking, bonds, new financial products, As of the end of 2020, Yuanta Securities' total assets reached NT$904.25 billion (approximately RMB 207.3 billion) in various financial securities businesses such as overseas transactions and wealth management.
Since the beginning of this year, hackers around the world have become increasingly rampant, and large enterprises and government agencies have been frequently attacked. Not long ago, the FBI also suffered a disaster. It released a statement saying that hackers attacked the FBI's network server and sent emails to thousands of organizations using email addresses with FBI domain names. In addition, according to US media reports, a hacker sent spam emails to at least 100,000 people through the FBI mail server. The hacker's motives are currently unclear.
The email, whose author falsely claimed to be affiliated with the U.S. Department of Homeland Security, contained a bizarre warning that mentionedcyber securityWriter Vinnie Troya and an international cybercrime organization called "The Dark Overlord". According to reports, this incident is the first known case of a hacker successfully maliciously accessing FBI-related systems and sending spam emails to a large number of people.
In early November, Robinhood, an Internet brokerage known as the “home base of retail investors” in the United States, was also hacked, and the data of more than 7 million customers was leaked.
On the evening of November 8, local time, Robinhood issued a statement stating that the vulnerability was discovered on November 3 and that the attackers had the email addresses of approximately 5 million customers, the names of 2 million customers, and the zip codes of some customers. and date of birth were leaked. Fortunately, the breach did not expose any customers’ Social Security numbers, bank account numbers, or credit card numbers, and no customers suffered financial losses as a result.
Perhaps the most serious impact was that in May this year, the Colonial Pipeline Transportation Company, the largest fuel pipeline operator in the United States, was attacked by the hacker group "Dark Side" and was forced to shut down the entire pipeline system. This caused fuel prices to soar, and once the United States entered the National emergency. U.S. President Biden severely criticized the attack on oil pipelines as "a criminal act."
Faced with increasingly rampant attacks, the U.S. government was completely furious. On November 4, the U.S. State Department announced that it would offer a reward of up to US$10 million (approximately RMB 64 million) to any informant who can provide information about the leader of the hacker organization "DarkSide", and an additional reward of US$5 million. US dollars (approximately 32 million yuan) to find criminal personal information involved in "dark side" ransomware attacks. The total reward amount of these two rewards is as high as 96 million yuan. But so far, no substantial progress has been made.
Original article, author: Chief Security Officer, if reprinted, please indicate the source: https://cncso.com/en/taiwanese-billion-dollar-brokerage-firm-hacked.html