It Was The Chinese Army That Hacked Equifax

US has charged four Chinese military officers for cyber-attacks on credit rating giant Equifax in 2017 and stealing the personal information of about 145 million Americans. Millions of Canadian and British customers were also affected by the cyber-attack, which has been described as one of the largest data breaches in history.

Between May and the end of July 2017, the hackers stole 145.5 million social security numbers and 209,000 payment card numbers and expiration dates as well as names and addresses and Equifax’s company secrets, according to US Law Enforcement officials.

The charges against the men include conspiracy to commit computer fraud, conspiracy to commit economic espionage and conspiracy to commit wire fraud.In an indictment handed up by a grand jury in Atlanta, the men face nine counts including conspiracy to commit computer fraud and conspiracy to commit economic espionage. 

Attorney General William Barr, who announced the charges, called it the latest example of what he said was a sweeping campaign by China's government to steal seemingly endless amounts of data from the United States. "Unfortunately, the Equifax hack fits a disturbing and unacceptable pattern of state-sponsored computer intrusions and thefts by China and its citizens that have targeted personally identifiable information, trade secrets and other confidential information," Barr said.

Equifax, which is based in Atlanta, compiles information on millions of Americans as part of the loan and finance system. Last year, it paid up to $700 million in fines and monetary relief to consumers.
The four men who have been charged are members of the 54th Research Institute of the People's Liberation Army, according to the indictment. 

Cyber Attack Access
The defendants illegally accessed Equifax's network through a vulnerability in the company's online dispute portal, prosecutors say. Once inside the system, they vacuumed up names, birth dates and social security numbers for 145 million Americans, nearly half of all Americans. They stole credit card numbers and other information for some 200,000 Americans as well as Equifax trade secrets, the indictment says."For years, we have witnessed China's voracious appetite for the personal data of Americans, including the theft of personnel records from the Office of Personnel Management, the intrusion into Marriott Hotels and Anthem health insurance companies, and now the wholesale theft of credit and other information from Equifax," Barr said.

"This data has economic value," he added, "and these thefts can feed China's development of artificial intelligence tools, as well as the creation of intelligence targeting packages."

The FBI's deputy director, David Bowdich, said there's no indication at this point that the stolen information has been used, including to target U.S. government officials. Prosecutors say the hackers tried to cover their tracks to avoid detection by routing their work through around 34 servers located in nearly 20 countries.

Cyber War 
The charges recently announced are the latest against Chinese or China-linked defendants in a string of Justice Department prosecutions, part of what Barr and other officials call a huge wave of espionage activity, including economic, directed at the US. 

Equifax CEO Mark Begor said in a statement on Monday that his company has tried to keep pace with cybersecurity but the sophistication of threats like that posed by China would test any company, or other targets. "Combating this challenge from well-financed nation-state actors that operate outside the rule of law is increasingly difficult," he said. "Fighting this cyberwar will require the type of open cooperation and partnership between government, law enforcement and private business that we have experienced firsthand."

Equifax was also fined £500,000 by the UK’s Information Commissioner’s Office for failing to protect the personal information of up to 15 million British consumers.

One year after the attacks Equifax reportedly spent more than £1 billion in clean-up costs and to overhaul its information security programme.As well as financial reimbursement, the company must also provide all of its US customers with six free credit reports every year for seven years.

NPR:     The Week:         DIGIT:      BBC:        Washington Examiner

You Might Also Read: 

The Financial Services Industry Just Does Not Get It:

Equifax: Insider Trading Charges:

 

 

« Cyber Attacks On Banks Could Trigger Financial Crisis
Labour Party Risks £15m Fine For Not protecting Members' Data »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

GovCERT.HK

GovCERT.HK

GovCERT.HK is the Government Computer Emergency Response Team for Hong Kong.

Software Testing News

Software Testing News

Software Testing News provides the latest news in the industry; from the most up-to-date reports in web security to the latest testing tool that can help you perform better.

herdProtect

herdProtect

herdProtect is a second line of defense malware scanning platform powered by 68 anti-malware engines in the cloud.

Navarino

Navarino

Navarino is the maritime industry’s most advanced communications and connectivity company. We develop advanced technologies and innovative IT solutions including cyber security.

CARICERT

CARICERT

CARICERT is the National Cyber Emergency Response Team of Curacao in the Caribbean.

GM Security Technologies

GM Security Technologies

GM Security Technologies provides leading managed security services of the highest quality to every type of individual and organization in Puerto Rico, Caribbean and Latin America.

IntelligInts

IntelligInts

IntelligInts provide 24×7 threat monitoring, hunting, alerting, and mitigation in our world class Security Operations Center.

Vijilan Security

Vijilan Security

Vijilan provides 24/7 SOC services to MSPs/VARs. Our Security Operations Center is global, and our services are exclusive to the Channel.

ArmorCode

ArmorCode

ArmorCode's intelligent application security platform gives us unified visibility into AppSec postures and automates complex DevSecOps workflows.

NVISIONx

NVISIONx

NVISIONx data risk governance platform enables companies to gain control of their enterprise data to reduce data risks, compliance scopes and storage costs.

Gravitee

Gravitee

Gravitee helps organizations manage and secure their entire API lifecycle with solutions for API design, management, security, productization, real-time observability, and more.

PureSquare

PureSquare

PureSquare exist to empower people with simple solutions for their increasingly complex digital security & online privacy needs.

Fairdinkum Consulting

Fairdinkum Consulting

Fairdinkum is a leading full-service IT consulting firm with more than two decades of experience in the industry.

Action Fraud

Action Fraud

Action Fraud is the UK’s national reporting centre for fraud and cyber crime where you should report fraud if you have been scammed, defrauded or experienced cyber crime.

Tryaq

Tryaq

Tryaq are a group of cybersecurity experts and enthusiasts who share the mission to make the world feel safer online.

ARGOS Cloud Security

ARGOS Cloud Security

ARGOS aims to simplify and strengthen cloud security, by creating a visual map of security vulnerabilities, to your priceless information stored in any cloud provider environment.