D.A. Davidson Breach Case Nears Resolution

A sophisticated network hack that resulted in the ransom of some 300,000 client files last year at banking company D.A. Davidson has been largely resolved.

According to news reports, the banking firm has agreed to pay up to $1 million in reimbursements to approximately 226,000 members of a class-action lawsuit that followed the breach.

In a meditation session conducted last week, the final aspects of the dispute were resolved and the deadline for filing a claim was extended, according to the reports. A judge approved the settlement on Thursday.

Separately, three Latvians suspected of performing the hack were detained in the Netherlands and extradited to the U.S. late last month, according to the report. A fourth suspect remains at large.

According to court documents, the attackers broke into a database at Davidson and downloaded some 300,000 client files. The attackers then sent 20,000 of the files to Davidson and agreed to delete the remaining files if a ransom was paid.

The three suspects were arrested after allegedly attempting to pick up the ransom, which was wired to the Netherlands. All three pleaded not guilty to the charges.

The five-count indictment charges conspiracy, extortion, fraud, obtaining financial records through unauthorized access to computers and threatening communications, and receipt of extortion proceeds. The defendants face a maximum 20 years in prison and a maximum $250,000 fine if convicted.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.