U.S. Charges China-Based Hacking Group for Massive 2015 Anthem Data Breach that Affected 78 Million People

U.S. Department of Justice charged China-based hacking group for their role in computer intrusion and the massive data breach of health insurer Anthem Inc.

Fujie Wang, 32, and other unnamed members of the Chinese hacking group charged with four-count, including one count of conspiracy to commit fraud and relation computers, identity theft.

Another count for conspiracy to commit wire fraud and another two counts for of intentional damage to a protected computer.

Attackers gained access to the computer system of Anthem and three other unnamed U.S companies using sophisticated techniques and gained access to the companies computers without any authentication.

As part of this international computer hacking scheme, the indictment alleges that beginning in February 2014, reads DoJ press release.

Once they gained access to the system, they installed malware and tools on the compromised computer systems to penetrate further into the companies network and to ex-filtrate personally identifiable information (PII) and confidential business information.

The Chinese hacking group committed worst data breaches in history, these defendants allegedly attacked U.S. businesses operating in four distinct industry sectors, and violated the privacy of over 78 million people by stealing their PII” said Assistant Attorney General Benczkowski.

Anthem disclosed data breach on 2015, the hackers stole 78.8 million users personal data from Anthem’s computer network that includes names, health identification numbers, dates of birth, Social Security numbers, addresses, telephone numbers, email addresses, employment information, and income data, according to the indictment.

According to the indictment, hackers used advanced sophistication techniques to gain access to the organization’s computer systems. They use specially crafted spearfishing emails which contains hyperlinks that link to malware download from the attacker’s server.

“The indictment alleges that the defendants accessed the computer network of Anthem without authorization to conduct reconnaissance on Anthem’s enterprise data warehouse, a system that stores a large amount of PII, on multiple occasions in October and November 2014.”

They accessed the computer network of Anthem multiple times in January 2015 and transferred the encrypted files that contain PII from Anthem’s enterprise data warehouse from the United States to China.

Also, the defendants deleted the encrypted archive from Anthem’s enterprise data warehouse to avoid detection.

“The FBI investigated this case, Anthem’s cooperation and openness in working with the FBI on the investigation of this sophisticated cyber-attack was imperative in allowing for the identification of these individuals. This also speaks to the strong partnerships the FBI has with the private sector, as well as the tenacity and global reach of the Bureau,” said Special Agent in Charge Grant Mendenhall.”

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

FBI-affiliated Websites Hacked – Hackers Steals Agents Personal data From Websites and Published Online

Two Hackers of Bayrob Malware Gang Convicted for Infecting more than 400,000 Computers Worldwide

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

Threat Actors Exploit Google Docs And Weebly Services For Malware Attacks

Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting victims…

10 hours ago

Python NodeStealer: Targeting Facebook Business Accounts to Harvest Login Credentials

The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ advanced…

10 hours ago

XSS Vulnerability in Bing.com Let Attackers Send Crafted Malicious Requests

A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to execute…

13 hours ago

Meta Removed 2 Million Account Linked to Malicious Activities

 Meta has announced the removal of over 2 million accounts connected to malicious activities, including…

16 hours ago

Veritas Enterprise Vault Vulnerabilities Lets Attackers Execute Arbitrary Code Remotely

Critical security vulnerability has been identified in Veritas Enterprise Vault, a widely-used archiving and content…

17 hours ago

7-Zip RCE Vulnerability Let Attackers Execute Remote Code

A critical security vulnerability has been disclosed in the popular file archiving tool 7-Zip, allowing…

17 hours ago