In a plot worthy of a crime drama, three Latvian men have pleaded guilty to trying to extort money from DA Davidson, the Montana-based brokerage firm that agreed to pay a fine over a computer breach involving confidential client data.
Aleksandrs Hoholko, 30, Jevgenijs Kuzmenko, 26, and Vitalijs Drozdovs, 33 entered their pleas on March 30 in federal court in Helena, Montana.
In a statement released yesterday by Michael W. Cotter, the U.S. Attorney for Montana, the trio pled guilty to receipt of extortion proceeds.
According to federal prosecutors, between December 2007 and January 11, 2008, an unnamed associate of the three residents of Riga, Latvia conducted several unauthorized intrusions into the brokerage firm’s computer system and made off with personal and financial account information for thousands of clients. The unnamed man demanded $80,000 from the firm “in exchange for disclosing security vulnerabilities and destroying any confidential information stolen” from the firm’s computer system, prosecutors stated.
DA Davidson contacted law enforcement and the U.S. Secret Service stepped in and negotiated with the unnamed man in an effort to figure out his identity and location. From February 8 through Feb. 18, 2008, the Secret Service negotiated with the man for the delivery of money to the Netherlands through Western Union transfers.
The man identified Aleksandrs Hoholko and Jevgenijs Kuzmenko as the two other men who would pick up the money. The man designated Kuzmenko as the one who would get the money in the Netherlands on Feb. 14, 2008 but the transfer didn’t’ go through because there was a hold placed on it. The next day, a second transfer went through and was picked up by Hoholko, who received $1,500 from Western Union in Eindhoven and provided his Latvian passport as identification, prosecutors said in the release.
Three days later, when Hoholko tried to retrieve a second money transfer in Eindhoven, agents from the Netherlands High Tech Crime Unit arrested him and then grabbed Drozdovs, who was driving the car. A firearm and money transfer receipts were found in the vehicle. Finally, when Dutch authorities went to the apartment were the two men were staying they found Kuzmenko there. The agents also recovered Drozdovs cell phone, which had a text message referring to one of the brokerage firm’s money transfers to the Netherlands.
Initially, the three men admitted to picking up money but denied criminal involvement. Hoholko and Kuzmenko said that a man named “Vitaliy”—whose last name they said they didn’t know—was to get the money. Kuzmenko further stated that he didn’t know Hoholko’s last name “because he was a comrade and ‘you do not ask a comrade for a last name.’”
Prosecutors said that Drozdovs claimed that he received text messages with instructions to pick up money and that once a week he would give the money to the driver of a bus from the Netherlands to Riga. When he would hand over the money, Drozdovs would write an eight-digit number on the envelope and then send the number to another person. The bus driver would take 1% of the proceeds, Drozdovs said, adding that he didn’t know who ultimately received the rest of the money.
The three men are currently detained and sentencing has been set for June 16. Each man faces up to three years in prison, a $250,000 fine and one-year supervised release.
The fourth, unnamed man has not been apprehended.
Two days ago, FINRA announced that DA Davidson had agreed to pay a $375,000 for the computer security failures that led to the Latvian nationals plot. The hacker got into the Great Falls, Montana-based firm’s computer and got access to data for approximately 192,000 customers.
DA Davidson, which cooperated with law enforcement, neither admitted or denied the findings of FINRA. The attacks, FINRA said, “were visible on web server logs, however the firm failed to review those logs.” In addition, the firm didn’t have any written procedures in place to review the logs; nor did it have an intrusion detection system, FINRA said. DA Davidson said it has since upgraded its computer security.