E-brokers defy odds by recording record trading revenue while dropping commissions to zero (CNBC by Maggie Fitzgerald and Kate Rooney)Former Chief Security Officer For Uber Charged With Obstruction Of Justice / Joseph Sullivan Allegedly Tried to Cover Up 2016 Hack That Compromised Data Of Millions Of Users and Drivers (DOJ Release)
[I]n the heart of Covid-related shutdowns, market activity exploded but has calmed down since. The volatility index, or VIX, was above 80 in March and is now down in the twenties. The S&P 500 has recovered to its pre-covid February level, kicking off the start of a new bull market and notching its fastest recovery in history. But Biggar said he worries about retail investors' stomach for investing if stocks retreat.
The complaint describes how Sullivan played a pivotal role in responding to FTC inquiries about Uber's cyber security. Uber had been hacked in September of 2014 and the FTC was gathering information about that 2014 breach. The FTC demanded responses to written questions and required Uber to designate an officer to provide testimony under oath on a variety of topics. Sullivan assisted in the preparation of Uber's responses to the written questions and was designated to provide sworn testimony on a variety of issues. On November 14, 2016, approximately 10 days after providing his testimony to the FTC, Sullivan received an email from a hacker informing him that Uber had been breached again. Sullivan's team was able to confirm the breach within 24 hours of his receipt of the email.Rather than report the 2016 breach, Sullivan allegedly took deliberate steps to prevent knowledge of the breach from reaching the FTC. For example, Sullivan sought to pay the hackers off by funneling the payoff through a bug bounty program-a program in which a third party intermediary arranges payment to so-called "white hat" hackers who point out security issues but have not actually compromised data. Uber paid the hackers $100,000 in BitCoin in December 2016, despite the fact that the hackers refused to provide their true names. In addition, Sullivan sought to have the hackers sign non-disclosure agreements. The agreements contained a false representation that the hackers did not take or store any data. When an Uber employee asked Sullivan about this false promise, Sullivan insisted that the language stay in the non-disclosure agreements. Moreover, after Uber personnel were able to identify two of the individuals responsible for the breach, Sullivan arranged for the hackers to sign fresh copies of the non-disclosure agreements in their true names. The new agreements retained the false condition that no data had been obtained. Uber's new management ultimately discovered the truth and disclosed the breach publicly, and to the FTC, in November 2017. Since that time, Uber has responded to additional government inquiries.The criminal complaint also alleges Sullivan deceived Uber's new management team about the 2016 breach. Specifically, Sullivan failed to provide the new management team with critical details about the breach. In August of 2017, Uber named a new Chief Executive Officer. In September 2017, Sullivan briefed Uber's new CEO about the 2016 incident by email. Sullivan asked his team to prepare a summary of the incident, but after he received their draft summary, he edited it. His edits removed details about the data that the hackers had taken and falsely stated that payment had been made only after the hackers had been identified.The two hackers identified by Uber were prosecuted in the Northern District of California. Both pleaded guilty on October 30, 2019, to computer fraud conspiracy charges and now await sentencing. The criminal complaint makes clear that "both [hackers] chose to target and successfully hack other technology companies and their users' data" after Sullivan failed to bring the Uber data breach to the attention of law enforcement.
[T]he SEC's complaint alleged that Almagarby and MEG repeatedly purchased aged debt from penny stock issuers and, after converting the debt into equity at discounted prices, sold the newly issued shares into the market at a significant profit. At the time of this conduct, neither Almagarby nor MEG were registered with the SEC as a dealer and Almagarby was not associated with a registered broker or dealer.The court ruled that Almagarby and MEG were required to be registered as dealers because they met the statutory definition by engaging in the regular business of buying and selling securities for their own account. The court therefore found that they violated the dealer registration provisions of Section 15(a) of the Securities Exchange Act of 1934. The court also held Almagarby liable as a control person of MEG under Section 20(a) of the Exchange Act.The court ruled that injunctive relief was appropriate, but held that it would determine at a later date what additional remedies are appropriate. The court also denied the defendants' cross motion for summary judgment.