U.S. indicts Chinese hackers over giant 2015 data breach
WASHINGTON, USA – The US Justice Department announced Thursday, May 9, the indictment of members of "an extremely sophisticated" Chinese hacking group that allegedly stole the personal information of more than 78 million people from health insurer Anthem in 2015.
The department said the group was behind a campaign that targeted the computer systems of 4 distinct US industry groups, slowly and stealthily removing corporate secrets and personal data.
"The allegations in the indictment unsealed today outline the activities of a brazen China-based computer hacking group that committed one of the worst data breaches in history," said Assistant Attorney General Brian Benczkowski.
The announcement came during heightened tensions between Washington and Beijing over trade and over China's alleged program to steal American corporate secrets in order to quicken China's own technological development.
The indictment named one member of the hacking group, Wang Fujie, 32, and said other members were also charged in the indictment, including some whose real identities were not known.
The Justice Department did not say that the group had any connections to the government, and did not say how the stolen data were used.
It said that besides the Anthem hack, the group was able to enter the systems of three other unnamed businesses, including one in the technology sector, another in basic industrial materials, and one in communications.
The hackers used phishing emails to trick company employees into opening a path for them to enter the systems.
They would then install malware and other tools on the systems to maintain backdoor access and avoid being discovered so they could explore for valuable data.
From health insurer Anthem they reaped the personal identification data on 78.8 million individuals, everything from addresses and identification numbers to their employment and income data.
"The defendants sometimes patiently waited months before taking further action, eventually engaging in reconnaissance by searching the network for data of interest," the Justice Department said.
Wang and the unnamed defendants were charged with conspiracy to commit fraud, wire fraud, and intentionally damaging protected computers. – Rappler.com