New York – A 32-year-old American formerly living in Moscow but wanted in the United States in connection with a massive theft of customer data from JP Morgan Chase and Dow Jones has been arrested, officials said Thursday.
Joshua Aaron was arrested Wednesday at John F. Kennedy International Airport in New York and is scheduled to appear before a US judge on Thursday.
He is accused of orchestrating major computer hacking crimes against US financial institutions, brokerage firms and financial news publishers, including the largest theft of customer data from a US financial institution.
Aaron was one of four suspects indicted in November 2015 in the scheme that compromised data from millions of customers of JPMorgan Chase and other firms.
The bank has said the hack compromised data on 76 million household customers and seven million businesses, including their names, email addresses and telephone numbers — the largest theft of data from a US financial institution.
Other firms previously identified as victims included the Dow Jones media group and online brokers ETrade and Scottrade.
Aaron is charged on multiple counts of fraud, conspiracy and other charges related to the hack. If found guilty, he faces maximum sentences of between five to 20 years on each count.
Two Israeli alleged co-conspirators, Gery Shalon and Ziv Orenstein, were arrested in Israel in 2015 and extradited to the United States in June.
US prosecutors say their crimes netted “hundreds of millions of dollars” in illegal proceeds.
They are accused of using the stolen data to send emails in an effort to artificially pump up the prices of certain “penny” stocks — a so-called “pump and dump” operation.
They are also accused of operating an Internet gambling scheme, an unlawful bitcoin exchange and an illicit payment processing operation for shady online pharmaceutical sellers and others.
