U.S. Department of Justice charged China-based hacking group for their role in computer intrusion and the massive data breach of health insurer Anthem Inc.
Fujie Wang, 32, and other unnamed members of the Chinese hacking group charged with four-count, including one count of conspiracy to commit fraud and relation computers, identity theft.
Another count for conspiracy to commit wire fraud and another two counts for of intentional damage to a protected computer.
Attackers gained access to the computer system of Anthem and three other unnamed U.S companies using sophisticated techniques and gained access to the companies computers without any authentication.
As part of this international computer hacking scheme, the indictment alleges that beginning in February 2014, reads DoJ press release.
Once they gained access to the system, they installed malware and tools on the compromised computer systems to penetrate further into the companies network and to ex-filtrate personally identifiable information (PII) and confidential business information.
The Chinese hacking group committed worst data breaches in history, these defendants allegedly attacked U.S. businesses operating in four distinct industry sectors, and violated the privacy of over 78 million people by stealing their PII” said Assistant Attorney General Benczkowski.
Anthem disclosed data breach on 2015, the hackers stole 78.8 million users personal data from Anthem’s computer network that includes names, health identification numbers, dates of birth, Social Security numbers, addresses, telephone numbers, email addresses, employment information, and income data, according to the indictment.
According to the indictment, hackers used advanced sophistication techniques to gain access to the organization’s computer systems. They use specially crafted spearfishing emails which contains hyperlinks that link to malware download from the attacker’s server.
“The indictment alleges that the defendants accessed the computer network of Anthem without authorization to conduct reconnaissance on Anthem’s enterprise data warehouse, a system that stores a large amount of PII, on multiple occasions in October and November 2014.”
They accessed the computer network of Anthem multiple times in January 2015 and transferred the encrypted files that contain PII from Anthem’s enterprise data warehouse from the United States to China.
Also, the defendants deleted the encrypted archive from Anthem’s enterprise data warehouse to avoid detection.
“The FBI investigated this case, Anthem’s cooperation and openness in working with the FBI on the investigation of this sophisticated cyber-attack was imperative in allowing for the identification of these individuals. This also speaks to the strong partnerships the FBI has with the private sector, as well as the tenacity and global reach of the Bureau,” said Special Agent in Charge Grant Mendenhall.”