Four Chinese military hackers were alleged to be behind the Equifax data breach which exposed the personal and financial data of nearly 150 million Americans.
The charges were announced by the United States Department of Justice and the state-sponsored hacking campaign was labeled as the largest hacking case ever uncovered of this type.
The four accused, Wu Zhiyong, Wang Qian, Xu Ke and Liu Lei were also charged for their association in hacking and stealing trade secrets, intellectual property and confidential information from many other U.S. businesses in recent years.
The credit reporting agency Equifax revealed about a huge cyberattack in September 2017, where highly sensitive data of nearly half of the U.S. population were stolen by hackers.
The hackers managed to compromise Equifax servers by making use of a critical vulnerability in Apache Struts Web Framework which the company forgot to patch on time even when an updated secure version of the software was available.
The hackers conducted reconnaissance of Equifax’s online dispute portal and obtained the login credentials to navigate Equifax’s network. On getting access to the files of interest, the hackers stored the stolen information in temporary output files. The compressed files were then able to download and exfiltrate the data from Equifax’s network to computers outside the United States.
The hackers ran around 9,000 queries on Equifax’s system, and got the names, birth dates, and social security numbers for nearly half of American citizens.
Due to the breach, Equifax was fined £500,000 by the U.K.’s privacy watchdog for failing to take appropriate steps to protect its customers for which they agreed to pay up to $700 million in fines to settle a series of state and federal investigations in the United States.
In a joint press conference held with the Attorney General William Barr and FBI Deputy Director David Bowdich, the officials stated that the FBI started this investigation two years ago with only 40 IP addresses that were involved in the attacks. The investigation further led them to these four members of the People’s Liberation Army’s 54th Research Institute.
All four indicted suspects are still on the loose, residing in China and have been added to the FBI’s Most Wanted Cyber list.