How Chinese Military Officers Allegedly Hacked Equifax

Photo credit: FBI

From Popular Mechanics

  • The U.S. Justice Department has filed charges against four members of China's military on suspicion of perpetrating the March 2017 Equifax data breach.

  • About 145 million Americans were impacted by the breach, which leaked highly sensitive information about consumers, including their Social Security numbers.

  • The FBI is looking for tips on the four men in question.


Just shy of three years since the infamous Equifax data breach leaked sensitive personal information about nearly half of the U.S. population—including Social Security numbers, birthdates, addresses, and driver's license numbers—the U.S. Department of Justice has filed charges against four members of the Chinese military in connection with the March 2017 hacking.

A federal grand jury at the U.S. District Court in Atlanta returned an indictment last week, charging Wu Zhiyong, Wang Qian, Xu Ke, and Liu Lei of the Chinese People's Liberation Army (PLA) with hacking into Equifax's computer systems to steal trade secrets from the credit reporting agency, as well as personally identifiable information from 145 million Americans.

"This data has economic value, and these thefts can feed China’s development of artificial intelligence tools," Attorney General William P. Barr said in a statement.

Allegedly, the defendants exploited a vulnerability in the Apache Struts Web Framework software that Equifax used in its online dispute portal. The four Chinese nationals then used that access to obtain login credentials that could be used to further infiltrate the Equifax network, according to the indictment. Over the course of several weeks, the four men allegedly ran queries in the Equifax database structure to find sensitive and personally identifiable information on Equifax customers.

Once the Chinese nationals found files of interest, they allegedly stored the stolen data in temporary output files, compressed and divided them, and exfiltrated the information from Equifax's network to computers outside of the U.S. In total, according to the indictment, the attackers ran 9,000 queries on the Equifax system.

The hackers took preventative measures to hide their location, per the indictment. They allegedly routed internet traffic through approximately 34 servers in 20 countries to obfuscate their actual location and used encrypted communication channels to blend in with normal activity on the Equifax server.

According to the indictment, the four Chinese nationals are charged with Computer Fraud, Economic Espionage, Wire Fraud, Conspiracy to Commit Computer Fraud, Conspiracy to Commit Economic Espionage, and Conspiracy to Commit Wire Fraud.
