Before he lost it all—all $20 billion—Bill Hwang was the greatest trader you’d never heard of.
Starting in 2013, he parlayed more than $200 million left over from his shuttered hedge fund into a mind-boggling fortune by betting on stocks. Had he folded his hand in early March and cashed in, Hwang, 57, would have stood out among the world’s billionaires. There are richer men and women, of course, but their money is mostly tied up in businesses, real estate, complex investments, sports teams, and artwork. Hwang’s $20 billion net worth was almost as liquid as a government stimulus check. And then, in two short days, it was gone.
[…]
Modest on the outside, Hwang had all the swagger he needed inside the Wall Street prime-brokerage departments that finance big investors. He was a “Tiger cub,” an alumnus of Tiger Management, the hedge fund powerhouse that Julian Robertson founded. In the 2000s, Hwang ran his own fund, Tiger Asia Management, which peaked at about $10 billion in assets.
It didn’t matter that he’d been accused of insider trading by U.S. securities regulators or that he pleaded guilty to wire fraud on behalf of Tiger Asia in 2012. Archegos, the family office he founded to manage his personal wealth, was a lucrative client for the banks, and they were eager to lend Hwang enormous sums.
On March 25, when Hwang’s financiers were finally able to compare notes, it became clear that his trading strategy was strikingly simple. Archegos appears to have plowed most of the money it borrowed into a handful of stocks—ViacomCBS, GSX Techedu, and Shopify among them.
[…]
At least once, Hwang stepped over the line between aggressive and illegal. In 2012, after years of investigations, the U.S. Securities and Exchange Commission accused Tiger Asia of insider trading and manipulation in two Chinese bank stocks. The agency said Hwang “crossed the wall,” receiving confidential information about pending share offerings from the underwriting banks and then using it to reap illicit profits.
Hwang settled that case without admitting or denying wrongdoing, and Tiger Asia pleaded guilty to a U.S. Department of Justice charge of wire fraud.
[…]
U.S. rules prevent individual investors from buying securities with more than 50% of the money borrowed on margin. No such limits apply to hedge funds and family offices. People familiar with Archegos say the firm steadily ramped up its leverage. Initially that meant about “2x,” or $1 million borrowed for every $1 million of capital. By late March the leverage was 5x or more.
Hwang also kept his banks in the dark by trading via swap agreements. In a typical swap, a bank gives its client exposure to an underlying asset, such as a stock. While the client gains—or loses—from any changes in price, the bank shows up in filings as the registered holder of the shares.
That’s how Hwang was able to amass huge positions so quietly. And because lenders had details only of their own dealings with him, they, too, couldn’t know he was piling on leverage in the same stocks via swaps with other banks. ViacomCBS Inc. is one example. By late March, Archegos had exposure to tens of millions of shares of the media conglomerate through Morgan Stanley, Goldman Sachs Group Inc., Credit Suisse, and Wells Fargo & Co. The largest holder of record, indexing giant Vanguard Group Inc., had 59 million shares.
[…]
At some point in the past few years, Hwang’s investments shifted from mainly tech companies to a more eclectic mix. Media conglomerates ViacomCBS and Discovery Inc. became huge holdings. So did at least four Chinese stocks: GSX Techedu, Baidu, Iqiyi, and Vipshop.
Although it’s impossible to know exactly when Archegos did those swap trades, there are clues in the regulatory filings by his banks. Starting in the second quarter of 2020, all Hwang’s banks became big holders of stocks he bet on. Morgan Stanley went from 5.22 million shares of Vipshop Holdings Ltd. as of June 30, to 44.6 million by Dec. 31.
Leverage was playing a growing role, and Hwang was looking for more. Credit Suisse and Morgan Stanley had been doing business with Archegos for years, unperturbed by Hwang’s brush with regulators. Goldman, however, had blacklisted him. Compliance officials who frowned on his checkered past blocked repeated efforts internally to open an account for Archegos, according to people with direct knowledge of the matter.
[…]
The fourth quarter of 2020 was a fruitful one for Hwang. While the S&P 500 rose almost 12%, seven of the 10 stocks Archegos was known to hold gained more than 30%, with Baidu, Vipshop, and Farfetch jumping at least 70%.
All that activity made Archegos one of Wall Street’s most coveted clients. People familiar with the situation say it was paying prime brokers tens of millions of dollars a year in fees, possibly more than $100 million in total. As his swap accounts churned out cash, Hwang kept accumulating extra capital to invest—and to lever up. Goldman finally relented and signed on Archegos as a client in late 2020. Weeks later it all would end in a flash.
Damage to Hwang’s Investments
Share price
Data: Compiled by Bloomberg
The first in a cascade of events during the week of March 22 came shortly after the 4 p.m. close of trading that Monday in New York. ViacomCBS, struggling to keep up with Apple TV, Disney+, Home Box Office, and Netflix, announced a $3 billion sale of stock and convertible debt. The company’s shares, propelled by Hwang’s buying, had tripled in four months. Raising money to invest in streaming made sense. Or so it seemed in the ViacomCBS C-suite.
Instead, the stock tanked 9% on Tuesday and 23% on Wednesday. Hwang’s bets suddenly went haywire, jeopardizing his swap agreements. A few bankers pleaded with him to sell shares; he would take losses and survive, they reasoned, avoiding a default. Hwang refused, according to people with knowledge of those discussions, the long-ago lesson from Robertson evidently forgotten.
That Thursday his prime brokers held a series of emergency meetings. Hwang, say people with swaps experience, likely had borrowed roughly $85 million for every $20 million, investing $100 and setting aside $5 to post margin as needed. But the massive portfolio had cratered so quickly that its losses blew through that small buffer as well as his capital.
The dilemma for Hwang’s lenders was obvious. If the stocks in his swap accounts rebounded, everyone would be fine. But if even one bank flinched and started selling, they’d all be exposed to plummeting prices. Credit Suisse wanted to wait.
Late that afternoon, without a word to its fellow lenders, Morgan Stanley made a preemptive move. The firm quietly unloaded $5 billion of its Archegos holdings at a discount, mainly to a group of hedge funds. On Friday morning, well before the 9:30 a.m. New York open, Goldman started liquidating $6.6 billion in blocks of Baidu, Tencent Music Entertainment Group, and Vipshop. It soon followed with $3.9 billion of ViacomCBS, Discovery, Farfetch, Iqiyi, and GSX Techedu.
When the smoke finally cleared, Goldman, Deutsche Bank AG, Morgan Stanley, and Wells Fargo had escaped the Archegos fire sale unscathed. There’s no question they moved faster to sell. It’s also possible they had extended less leverage or demanded more margin. As of now, Credit Suisse and Nomura appear to have sustained the greatest damage. Mitsubishi UFJ Financial Group Inc., another prime broker, has disclosed $300 million in likely losses.
It’s all eerily reminiscent of the subprime-mortgage crisis 14 years ago. Then, as now, the trouble was a series of increasingly irresponsible loans. As long as housing prices kept rising, lenders ignored the growing risks. Only when homeowners stopped paying did reality bite: The banks all had financed so much borrowing that the fallout couldn’t be contained.
[…]
The best thing anyone can say about the Archegos collapse is that it didn’t spark a market meltdown. The worst thing is that it was an entirely preventable disaster made possible by Hwang’s lenders. Had they limited his leverage or insisted on more visibility into the business he did across Wall Street, Archegos would have been playing with fire instead of dynamite. It might not have defaulted. Regulators are to blame, too. As Congress was told at hearings following the GameStop Corp. debacle in January, there’s not enough transparency in the stock market. European rules require the party bearing the economic risk of an investment to disclose its interest. In the U.S., whales such as Hwang can stay invisible.
We updated our personal data leak checker database with more than 780,000 email addresses associated with this leak. Use it to find out if your LinkedIn profile has been scraped by the threat actors.
Days after a massive Facebook data leak made the headlines, it seems like we’re in for another one, this time involving LinkedIn.
An archive containing data purportedly scraped from 500 million LinkedIn profiles has been put for sale on a popular hacker forum, with another 2 million records leaked as a proof-of-concept sample by the post author.
The four leaked files contain information about the LinkedIn users whose data has been allegedly scraped by the threat actor, including their full names, email addresses, phone numbers, workplace information, and more.
To see if your email address has been exposed in this data leak or other security breaches, use our personal data leak checker with a library of 15+ billion breached records.
While users on the hacker forum can view the leaked samples for about $2 worth of forum credits, the threat actor appears to be auctioning the much-larger 500 million user database for at least a 4-digit sum, presumably in bitcoin.
The author of the post claims that the data was scraped from LinkedIn. Our investigation team was able to confirm this by looking at the samples provided on the hacker forum. However, it’s unclear whether the threat actor is selling up-to-date LinkedIn profiles, or if the data has been taken or aggregated from a previous breach suffered by LinkedIn or other companies.
We asked LinkedIn if they could confirm that the leak was genuine, and whether they have alerted their users and clients, but we have received no reply from the company at the time of writing this report.
What was leaked?
Based on the samples we saw from the leaked files, they appear to contain a variety of mostly professional information from LinkedIn profiles, including:
A database containing the phone numbers of more than half a billion Facebook users is being freely traded online, and Facebook is trying to pin the blame on everyone but themselves.
A blog post titled “The Facts on News Reports About Facebook Data,” published Tuesday evening, is designed to silence the growing criticism the company is facing for failing to protect the phone numbers and other personal information of 533 million users after a database containing that information was shared for free in low level hacking forums over the weekend, as first reported by Business Insider.
Facebook initially dismissed the reports as irrelevant, claiming the data was leaked years ago and so the fact it had all been collected into one uber database containing one in every 15 people on the planet—and was now being given away for free—didn’t really matter.
[…]
But, instead of owning up to its latest failure to protect user data, Facebook is pulling from a familiar playbook: just like it did during the Cambridge Analytica scandal in 2018, it’s attempting to reframe the security failure as merely a breach of its terms of service.
So instead of apologizing for failing to keep users’ data secure, Facebook’s product management director Mike Clark began his blog post by making a semantic point about how the data was leaked.
“It is important to understand that malicious actors obtained this data not through hacking our systems but by scraping it from our platform prior to September 2019,” Clark wrote.
This is the identical excuse given in 2018, when it was revealed that Facebook had given Cambridge Analytica the data of 87 million users without their permission, for use in political ads.
Clark goes on to explain that the people who collected this data—sorry, “scraped” this data—did so by using a feature designed to help new users find their friends on the platform.
“This feature was designed to help people easily find their friends to connect with on our services using their contact lists,” Clark explains.
The contact importer feature allowed new users to upload their contact lists and match those numbers against the numbers stored on people’s profiles. But like most of Facebook’s best features, the company left it wide open to abuse by hackers.
“Effectively, the attacker created an address book with every phone number on the planet and then asked Facebook if his ’friends’ are on Facebook,” security expert Mikko Hypponen explained in a tweet.
Clark’s blog post doesn’t say when the “scraping” took place or how many times the vulnerability was exploited, just that Facebook fixed the issue in August 2019. Clark also failed to mention that Facebook was informed of this vulnerability way back in 2017, when Inti De Ceukelaire, an ethical hacker from Belgium, disclosed the problem to the company.
And, the company hasn’t explained why a number of users who have deleted their accounts long before 2018 have seen their phone numbers turn up in this database.
[…]
“While we addressed the issue identified in 2019, it’s always good for everyone to make sure that their settings align with what they want to be sharing publicly,” Clark wrote.
“In this case, updating the ‘How People Find and Contact You’ control could be helpful. We also recommend people do regular privacy checkups to make sure that their settings are in the right place, including who can see certain information on their profile and enabling two-factor authentication.”
It’s an audacious move for a company worth over $300 billion, with $61 billion cash on hand, to ask its users to secure their own information, especially considering how byzantine and complex the company’s settings menus can be.
Thankfully for the half a billion Facebook users who’ve been impacted by the breach, there’s a more practical way to get help. Troy Hunt, a cyber security consultant and founder of Have I Been Pwned has uploaded the entire leaked database to his website that allows anyone to check whether their phone number is listed in the leaked database.
Austrian privacy activist Max Schrems has filed a complaint against Google in France alleging that the US tech giant is illegally tracking users on Android phones without their consent.
Android phones generate unique advertising codes, similar to Apple’s Identifier for Advertisers (IDFA), that allow Google and third parties to track users’ browsing behavior in order to better target them with advertising.
In a complaint filed on Wednesday, Schrems’ campaign group Noyb argued that in creating and storing these codes without first obtaining explicit permission from users, Google was engaging in “illegal operations” that violate EU privacy laws.
Noyb urged France’s data privacy regulator to launch a probe into Google’s tracking practices and to force the company to comply with privacy rules. It argued that fines should be imposed on the tech giant if the watchdog finds evidence of wrongdoing.
“Through these hidden identifiers on your phone, Google and third parties can track users without their consent,” said Stefano Rossetti, privacy lawyer at Noyb. “It is like having powder on your hands and feet, leaving a trace of everything you do on your phone—from whether you swiped right or left to the song you downloaded.”
[…]
Last year, Schrems won a landmark case at Europe’s highest court that ruled a transatlantic agreement on transferring data between the bloc and the US used by thousands of corporations did not protect EU citizens’ privacy.
