The US Department of Justice today charged a Chinese national for his role as a member of an elite Chinese hacking group that breached at least four US companies, including Indianapolis-based health insurer Anthem Inc. in 2015.
The DOJ indictment, unsealed today, names Fujie Wang, 32, as one of the group's members.
According to court documents, Wang and the other hackers typically operated using spear-phishing to trick employees into installing malware on their computers. Once the group infected an employee, they used the malware to escalate access to other systems inside a victim company's network until they found and stole data of interest, such as personally identifiable information (PII) and confidential business information.
US investigators said the group operated between February 2014 and January 2015. The DOJ only named Anthem in the court documents and did not disclose the names of the three other companies hacked by Wang and his co-conspirators during this span.
One of the biggest hacks in US history
The Anthem hack ranks as one of the worst hacks in US history, up there with the OPM, Target, Equifax, and two Yahoo breaches.
The Anthem hack took place in the fall of 2014 and hackers stole the personal info of over 78.8 million Americans. Exposed data included Anthem client names, dates of birth, physical and email addresses, medical IDs and Social Security numbers.
The hack was informally attributed by members of the cyber-security industry to Chinese government-backed hackers, but Washington never made any formal accusations.
The DOJ's indictment doesn't mention any links between Wang and the Beijing government apparatus.
"The allegations in the indictment unsealed today outline the activities of a brazen China-based computer hacking group that committed one of the worst data breaches in history," said Assistant Attorney General Benczkowski.
"These defendants allegedly attacked U.S. businesses operating in four distinct industry sectors, and violated the privacy of over 78 million people by stealing their PII," Benczkowski added, referring to the Anthem breach.
Wang is still at large, presumably in China. He's now on the FBI's Most Wanted Cyber list.