DOJ charges four Chinese military hackers for Equifax hack

DOJ said the hackers stole data on Americans and Equifax's intellectual property.
Written by Catalin Cimpanu, Contributor

The US Department of Justice has announced charges against four Chinese hackers for breaching US credit reporting agency Equifax in the summer of 2016.

Speaking at a press conference on Feb. 10, US Attorney General William Barr said the four hackers are believed to be members of the Chinese People Liberation Army (PLA).

The four hackers were identified as Liu Lei, Wang Qian, Wu Zhiyong, and Xu Ke, members of the 54th Research Institute, a component of the PLA.

General Attorney Barr said the four stole not only data on US citizens, but also Equifax's proprietary data.

The charges are in relation to a data breach that Equifax disclosed in September 2017. At the time, the company said hackers stole the details of 145.5 million Americans, but also of millions of British and Canadian citizens.

In a post-mortem published in September 2018, Equifax provided a step-by-step account of what happened before and after the hack. The company said the hackers exploited a vulnerability in an unpatched Apache Struts server used for its online dispute portal.

The FBI described the case as challenging, as they had very little information at their disposal. Officials said the Equifax investigation started with only 40 IP addresses that were used during the cyber-attack.

This marks the second time the US has charged hackers associated with the Chinese military. The first charges came in 2014, when the DOJ charged five other hackers for hacks against multiple US companies.

"We don't usually bring criminal charges against military and intelligence officers," Barr said. "There are exceptions though."

Image: FBI

The US Attorney General said the deliberate and indiscriminate theft of civilian information could not be accepted.

Most intelligence and counter-intelligence operations are usually left off the table when it comes to criminal investigations, as long as they don't target civilians. US officials said that this operation orchestrated by China's military hackers was different because they focused on the mass collection of civilian data and intellectual property theft.

Speaking at a conference last week, the FBI said it is currently investigating more than 1,000 cases of Chinese theft of US technology.

Previously, the US charged:

Unlike the 2014 charges, these hackers were mostly contractors, rather than PLA military personnel.

The four charged today are still at large. The hackers charged in previous years -- contractors, intelligence personnel, and military members -- are also still at large. FBI officials said today that there are low chances the US will ever arrest and bring these individuals to justice, however, they plan to continue bringing charges as a way to put pressure on China and expose its cyber-espionage and criminal hacking operations.

Days following the 2017 data breach announcement, then-Equifax CEO Richard Smith announced his retirement. In July 2019, Equifax signed a $700 million deal to end all data breach-related lawsuit.

Editorial standards