We break from tonight’s episode of “Powell in turmoil” to let you know that an “unknown” hacker appears to have inside info on a substantial portion of the global pipeline of upcoming M&A deals. According to The Times, thousands of “sensitive documents” have been stolen by hackers in a cyber-attack on M&A and restructuring giant Evercore.
According to the report, one of the boutique bank’s junior administrators in London was the victim of a “phishing” attack – similar to the way in which John Podesta allegedly handed over control of his inbox to an unknown hacker – in which a recipient is lured into clicking on a corrupt link in an email. The hackers gained access to her inbox, leading to the theft of 160,000 “data objects” such as diary invitations, documents and emails. It is likely that among the tens of thousands of stolen objects was confidential data on the countless merger deals the company is currently working on.
The good news is that according to a source close to Evercore, there was no evidence any of the information taken in last month’s breach had been misused, adding that the hackers’ main motivation appeared to have been to access the administrator’s address book to send further phishing emails. Of course, since there is no way of really knowing what the motive behind the hacks was, or if and how the data would be misused, the bank has had to inform the City watchdog, the Financial Conduct Authority, as well as clients whose deals may have been mentioned in the stolen documents.
And there are plenty of those. Most notably, Evercore’s work this year has included advising the Japanese pharmaceuticals giant Takeda on its £46bn takeover of Shire and helping financier Michael Spencer with the £3.9bn sale of his Nex Group broking empire to the Chicago Mercantile Exchange.
As to what Evercore is working on confidentially, that remains to be unveiled, although if the hackers indeed have the inside track, they could easily demand ransom (in bitcoin or otherwise) to keep their mouth shut or else scuttle tens of billions in upcoming merger activity. It would also mean that the anger of the authorities would be especially focused, and would provide further cyberwarfare ammunition for a full-blown retaliation if it emerges that China is “somehow involved” and is now intimately familiar with the biggest M&A deals on deck.
Come to think of it, hacking an M&A boutique just may be the smartest thing for a black hat to do as all sides involved have a clear prerogative to keep information leakage to a minimum while keeping the authorities out, as both sides of the deal could decided to abandon the transaction if information about the upcoming announcement is to be unexpectedly leaked.
Understandably, Evercore tried to mitigate its responsibility by pointing out how bad it has been for everyone else as the incident comes amid a wave of cyber-attacks on big businesses. The Marriott hotel chain and airlines British Airways and Cathay Pacific have come under siege this year, with huge volumes of customers’ data stolen. The source close to Evercore said: “We live in a world where these things are increasingly prevalent and it’s just one of those things in business that many people are experiencing.”
Evercore was founded in 1995 by Roger Altman, an investment banker who was Bill Clinton’s deputy treasury secretary until he resigned amid the Whitewater controversy surrounding Clinton’s property investments. It is run in Britain by Andrew Sibbald, a co-founder of Lexicon Partners, which was bought by Evercore in 2011. Dame Alison Carnwath, the former Land Securities chairwoman, is an adviser.