Cyber attack at financial data group Ion affects derivatives trading

Industry working with clearing houses, platforms and regulators to assess hit to trade processing and clearing.

01 February, 2023 by Nikou Asgari, Harry Dempsey and Stephen Morris in London and Nicholas Megaw in New York

Financial data group Ion Markets has suffered a cyber attack that has affected parts of the vital financial plumbing that underlies the vast derivatives trading industry.

The Dublin-based company said its cleared derivatives unit was hit by a “cyber security event” on Tuesday. It said the incident was “contained to a specific environment, all the affected servers are disconnected, and remediation of services is ongoing”.

The cyber attack at Ion affected derivatives that trade on exchanges, according to the Futures Industry Association, which said on Wednesday it was working with clearing houses, trading platforms and regulators to assess the extent of the impact on trading, processing and clearing. Last year, volume in exchange traded derivatives reached 83.9bn contracts, according to FIA data.

The impact has been on post-trade processes, including trade matching, and keeping track of risk and margin requirements, according to people familiar with the matter.

This has forced some traders to manually finish steps such as checking margin requirements and completing end of day reports — steps that are usually automated and more labour intensive when completed manually. Since the attack on Ion took place on January 31, it has also complicated month-end data reporting for some of its clients.

Post-trade services are a part of financial market plumbing crucial to completing transactions and transferring ownership of securities in line with regulations.

The US derivatives market regulator, the Commodity Futures Trading Commission, said it was aware of the incident and was “working closely with affected parties, regulators and other market participants to ensure orderly resolution”.

CME Group and Intercontinental Exchange, the two largest US exchange groups, each said that several of their members had been impacted, which could affect the timing and accuracy of some of their published data.

The London Metal Exchange said some of its members used the affected Ion services for processes, including trade matching, and that the exchange was working with them “to help them continue their business as normally as possible”.

Euronext, the biggest operator of stock markets in Europe, said it had not been affected but that some of its clients use Ion’s software.

One trader said they were “more concerned that systems have been compromised and they may have been infected themselves rather than a lack of data or settlement”.

The US Treasury department on Wednesday evening said it had held meetings with several industry groups and was monitoring the situation. Todd Conklin, Treasury deputy assistant secretary, said “the issue is currently isolated to a small number of smaller and midsize firms and does not pose a systemic risk to the financial sector”.

The troubles at Ion come a week after a glitch at the New York Stock Exchange, triggered by an internal error, caused market chaos and led to thousands of trades being cancelled.

The cyber attack at Ion marks the latest information security incident this year. Earlier this week, sportswear retailer JD Sports said it was the victim of a cyber attack that exposed the data of 10mn customers, while media group the Guardian said a recent hack had exposed employees’ sensitive information, including salaries and passport details.

Ion was founded in 1999 by former Salomon Brothers trader Andrea Pignataro. Its technology is used by banks, central banks and corporations for electronic trading.

© The Financial Times Limited 2023. All Rights Reserved.
FT and Financial Times are trademarks of the Financial Times
Ltd. Not to be redistributed, copied or modified in any way.