Security breached repeatedly at board service used by more than 175 companies and 5,000 board members
NASDAQ’s web platform, which allows boards of directors and companies to share sensitive documents, has been targeted by hackers who ‘repeatedly penetrated’ the network, the exchange revealed over the weekend.
On Saturday, the Wall Street Journal reported that the computer network of the company running the NASDAQ stock market had been compromised by unknown hackers over the past year, prompting an investigation involving forensic computer experts, the FBI and the Secret Service.
While the WSJ reported that NASDAQ OMX’s trading platform had not been compromised, its initial report said it couldn’t determine which parts of the exchange’s network had been accessed. The story prompted NASDAQ itself to reveal that its web-facing application Directors Desk ‘was potentially affected’.
In a note posted on its website, the exchange explains that it had been working with authorities, which had asked NASDAQ to keep quiet about the security breach until February 14 at the earliest, ‘in order to facilitate the continuing investigation.’
Once the WSJ story ran, however, NASDAQ decided to notify Directors Desk customers and posted the notice on its site.
The statement goes on to say the foreign files had been removed ‘and at this point there is no evidence that any Directors Desk customer information was accessed or acquired by hackers.’
Directors Desk was founded in 2003 and acquired by NASDAQ in 2007. As of July 2010 NASDAQ reported that more than 175 companies and 5,000 board members were using the service.
‘We continue to evaluate and enhance our advanced security controls to respond to the ever-increasing global cyber threat, and continue to devote extensive resources to further secure our systems,’ the NASDAQ statement continues.
‘We have been working in cooperation with the government’s ongoing investigations and have received its technical advice, for which we are appreciative.’