DOJ Indicts Four Chinese Army Spies For Equifax Hack

Federal prosecutors charged four Chinese intelligence officers on Monday (Feb. 10) with the 2017 cyberattack on credit reporting giant Equifax, which was one of the largest data breaches in history, according to The Wall Street Journal.

The Equifax cyberattack exposed the financial data of almost 150 million Americans and British and Canadian nationals. State and federal lawsuits through last year resulted in Equifax agreeing to pay a minimum $650 million settlement.

“This is the largest theft of sensitive PII (personally identifiable information) by state-sponsored hackers ever recorded,” said FBI Deputy Director David Bowdich, according to a report.

Four members of China’s People’s Liberation Army – Wu Zhiyong, Wang Qian, Xu Ke and Liu Lei – were indicted on nine counts by a federal grand jury in Atlanta. They were charged with conspiring to steal data and company secrets by exploiting a vulnerability in software used by Equifax’s online dispute portal.

“Today, we hold [the Chinese military] hackers accountable for their criminal actions, and we remind the Chinese government that we have the capability to remove the internet’s cloak of anonymity and find the hackers that nation repeatedly deploys against us,” said Attorney General William Barr.

The breach gave hackers access to customers’ personal information, including Social Security numbers, drivers’ licenses, credit card numbers and birthdates. After several congressional hearings, the breach led to the resignation of the company’s former CEO Richard Smith.

“We don’t usually bring criminal charges against military and intelligence officers,” Barr said at a press conference. “There are exceptions, though.”

China has been involved with an increasing level of espionage-focused hacking in recent years due to a “desire to amass dossiers on Americans.” Targets have included the Office of Personnel Management and the health insurance firm Anthem; two Chinese hackers were charged in the Anthem case in May.

Security researchers said in December that they found indications that a hacking group linked to the Chinese government has been bypassing two-factor authentication (2FA). The attacks have been attributed to a group known as APT20, which is thought to operate at the behest of Beijing, per a report from Dutch cybersecurity firm Fox-IT.