Federal prosecutors unsealed criminal charges against a group of hackers who allegedly breached the computer systems of more than a dozen companies including Nasdaq OMX Group Inc., J.C. Penney Co. and Carrefour SA, to steal personal data and, in some cases, credit-card information, resulting in the loss of hundreds of millions of dollars….
While the hackers allegedly were able to penetrate Nasdaq's computer network and access the trading history of specific securities, the servers powering Nasdaq's exchanges weren't compromised, according to a person with knowledge of the exchange's systems. The identity of specific traders wasn't accessed by the hackers, the person said.
Nasdaq's so-called SQL servers, which run on a different operating system than those running the company's markets, maintain various public-facing websites listing share prices and providing forums for investor discussions, according to the person. The hackers purportedly got onto a Nasdaq network of about 30 such servers, gaining login information by tricking a site set up to remind site users of forgotten passwords.