Friday, October 4, 2024
HomeComputer SecurityU.S. Charges China-Based Hacking Group for Massive 2015 Anthem Data Breach that...

U.S. Charges China-Based Hacking Group for Massive 2015 Anthem Data Breach that Affected 78 Million People

Published on

U.S. Department of Justice charged China-based hacking group for their role in computer intrusion and the massive data breach of health insurer Anthem Inc.

Fujie Wang, 32, and other unnamed members of the Chinese hacking group charged with four-count, including one count of conspiracy to commit fraud and relation computers, identity theft.

Another count for conspiracy to commit wire fraud and another two counts for of intentional damage to a protected computer.

- Advertisement - EHA

Attackers gained access to the computer system of Anthem and three other unnamed U.S companies using sophisticated techniques and gained access to the companies computers without any authentication.

As part of this international computer hacking scheme, the indictment alleges that beginning in February 2014, reads DoJ press release.

Once they gained access to the system, they installed malware and tools on the compromised computer systems to penetrate further into the companies network and to ex-filtrate personally identifiable information (PII) and confidential business information.

The Chinese hacking group committed worst data breaches in history, these defendants allegedly attacked U.S. businesses operating in four distinct industry sectors, and violated the privacy of over 78 million people by stealing their PII” said Assistant Attorney General Benczkowski.

Anthem disclosed data breach on 2015, the hackers stole 78.8 million users personal data from Anthem’s computer network that includes names, health identification numbers, dates of birth, Social Security numbers, addresses, telephone numbers, email addresses, employment information, and income data, according to the indictment.

According to the indictment, hackers used advanced sophistication techniques to gain access to the organization’s computer systems. They use specially crafted spearfishing emails which contains hyperlinks that link to malware download from the attacker’s server.

“The indictment alleges that the defendants accessed the computer network of Anthem without authorization to conduct reconnaissance on Anthem’s enterprise data warehouse, a system that stores a large amount of PII, on multiple occasions in October and November 2014.”

They accessed the computer network of Anthem multiple times in January 2015 and transferred the encrypted files that contain PII from Anthem’s enterprise data warehouse from the United States to China.

Also, the defendants deleted the encrypted archive from Anthem’s enterprise data warehouse to avoid detection.

“The FBI investigated this case, Anthem’s cooperation and openness in working with the FBI on the investigation of this sophisticated cyber-attack was imperative in allowing for the identification of these individuals. This also speaks to the strong partnerships the FBI has with the private sector, as well as the tenacity and global reach of the Bureau,” said Special Agent in Charge Grant Mendenhall.”

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

FBI-affiliated Websites Hacked – Hackers Steals Agents Personal data From Websites and Published Online

Two Hackers of Bayrob Malware Gang Convicted for Infecting more than 400,000 Computers Worldwide

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group

Microsoft and the U.S. Department of Justice (DOJ) have successfully dismantled a network of...

Cloud Penetration Testing Checklist – 2024

Cloud Penetration Testing is a method of actively checking and examining the Cloud system...

Linux Malware perfctl Attacking Millions of Linux Servers

Researchers have uncovered a sophisticated Linux malware, dubbed "perfctl," actively targeting millions of Linux...

Doppler Launches ‘Change Requests’ to Strengthen Secrets Management Security with Audited Approvals

Doppler, the leading platform in secrets management, today announces the launch of Change Requests,...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group

Microsoft and the U.S. Department of Justice (DOJ) have successfully dismantled a network of...

Linux Malware perfctl Attacking Millions of Linux Servers

Researchers have uncovered a sophisticated Linux malware, dubbed "perfctl," actively targeting millions of Linux...

Northern Ireland Police to Pay £750,000 Fine Following Data Breach

The Police Service of Northern Ireland (PSNI) has been ordered to pay a £750,000...