The world’s largest derivatives Exchange , the CME Group, confirmed on Friday that it had fallen victim to a crime of cyber intrusion in July 2013, in a communication published on its investor relations website.
In the communication, the CME Group announced that it has discovered that certain customer information relating to the CME ClearPort platform was compromised. And, according to a report in the Wall Street Journal, the information that was compromised was "more than 7,000 passwords used by more than 2,000 firms."
The CME ClearPort platform is a Clearing service mainly for over-the-counter energy and metal contracts, which handles more than 450,000 OTC contracts a day according to figures from the group. The platform is used by more that 17,000 traders globally, including banks, hedge funds, FCMs and other clearing firms.
The CME Group tried to assure its customers of their security to trade with the exchange, elaborating on the measures that it has in place to protect client information, which is a top priority, according to the publication. The CME Group maintains sophisticated computer systems, teams of cyber protection and have processes in place to prevent further intrusion incidents, the announcement details, and emphasized that the CME is only one of many organizations subject to cyber crime recently.
To protect participants, the CME forced a change to customer credentials impacted by the incident, and is in direct contact with the impacted customers.
The exchange stated that, to date, there is no evidence that trades on CME Globex were adversely impacted, or that the provision of clearing services by CME Clearing or CME Clearing Europe, or trading in CME markets, were disrupted.
The CME group additionally confirmed that the incident is already a subject of an FBI criminal investigation, which the group is cooperating with.