US charges one of the Anthem hackers
The US Department of Justice charged today a Chinese national for his role as a member of an elite Chinese hacking group that breached at least four US companies, including Indianapolis-based health insurer Anthem Inc. in 2015.
The DOJ indictment, unsealed today, names Fujie Wang, 32, as one of the group’s members.
According to court documents, Wang and the other hackers typically operated using spear-phishing to trick employees into installing malware on their computers. Once the group infected an employee, they used the malware to escalate access to other systems inside a victim company’s network until they found and stole data of interest –such as personally identifiable information (PII) and confidential business information.
US investigators said the group operated between February 2014 and January 2015. The DOJ only named Anthem in the court documents and did not disclose the names the three other companies hacked by Wang and his co-conspirators during this span.
One of the biggest hacks in US history
The Anthem hack ranks as one of the worst hacks in US history, up there with the OPM, Target, Equifax, and two Yahoo breaches.
The Anthem hack took place in the fall of 2014 and hackers stole the personal info of over 78.8 million Americans. Exposed data included Anthem client names, dates of birth, physical and email addresses, medical IDs and Social Security numbers.
The hack was informally attributed by members of the cyber-security industry to Chinese government-backed hackers, but Washington never made any formal accusations.
The DOJ’s indictment doesn’t mention any links between Wang and the Beijing government apparatus.
“The allegations in the indictment unsealed today outline the activities of a brazen China-based computer hacking group that committed one of the worst data breaches in history,” said Assistant Attorney General Benczkowski.
“These defendants allegedly attacked U.S. businesses operating in four distinct industry sectors, and violated the privacy of over 78 million people by stealing their PII,” Benczkowski added, referring to the Anthem breach.
Wang is still at large, presumably in China. He’s now on the FBI’s Most Wanted Cyber list.