CME Group Inc , the world's largest futures exchange operator, said Friday that its clearing service for energy and other swaps was "the victim of a cyber intrusion" in July, sparking a federal criminal investigation.
Some customer information on CME's ClearPort clearing service was compromised, it said, but there is no evidence that trades on CME's electronic system were adversely impacted or that CME's other clearing services were disrupted. ClearPort handles nearly half a million contracts a day.
Continue Reading Below
Cyber-attacks on financial exchanges are on the rise globally, with around half of the world's securities exchanges targeted last year, according to a study published earlier this year by the International Organization of Securities Commissions' research department and the World Federation of Exchanges Office said.
CME said it had changed customer credentials impacted by the incident and is communicating directly with customers affected. A spokesman declined to provide further details.
Traders said they had confidence in CME's ability to protect customer information.
"They probably spend tens of millions of dollars a year to protect it," said P.J. Quaid, a trader in the corn options pit at CME's Chicago Board of Trade.
"There's people out there who all they want to do is cause chaos," he said when asked about the cyber attack against CME. "Everyone's a target. It could be a rival or just people trying to cause chaos."
Nasdaq OMX Group's community forum website went down for two days in July because of a cyber attack; in 2010, hackers infiltrated the exchange's computer systems and installed software that allowed them to spy on the directors of publicly held companies.
And last year in February, Nasdaq and Kansas-based exchange operator BATS Global Markets said they were hit by denial of service attacks, which seek to disrupt websites and computer systems by overwhelming the targeted organizations' networks with computer traffic.
Gaston Ceron, equity analyst for Morningstar, said he was awaiting more information about the extent of the intrusion.
"I'm sure they value their customer information and they'll do everything they can to safeguard it," he said.
CME disclosed the intrusion as a Chicago computer hacker tied to the group known as Anonymous was sentenced in an unrelated case.
Jeremy Hammond, 28, was sentenced to 10 years in prison for cyber attacks on various government agencies and businesses, including a global intelligence company. [ID: nL2N0J013V]
CME Group operates the Chicago Mercantile Exchange, the Chicago Board of Trade and the New York Mercantile Exchange, among others, handling about 12 million contracts tied to interest rates, corn, gold and other assets on an average day.
Clearport handles 450,000 contracts a day, according to CME's website. (With reporting by John McCrank in New York; Editing by Leslie Gevirtz)