U.S. Charges China-Based Hacking Group for Massive 2015 Anthem Data Breach that Affected 78 Million People

U.S. Department of Justice charged China-based hacking group for their role in computer intrusion and the massive data breach of health insurer Anthem Inc.

Fujie Wang, 32, and other unnamed members of the Chinese hacking group charged with four-count, including one count of conspiracy to commit fraud and relation computers, identity theft.

Another count for conspiracy to commit wire fraud and another two counts for of intentional damage to a protected computer.

Attackers gained access to the computer system of Anthem and three other unnamed U.S companies using sophisticated techniques and gained access to the companies computers without any authentication.

As part of this international computer hacking scheme, the indictment alleges that beginning in February 2014, reads DoJ press release.

Once they gained access to the system, they installed malware and tools on the compromised computer systems to penetrate further into the companies network and to ex-filtrate personally identifiable information (PII) and confidential business information.

The Chinese hacking group committed worst data breaches in history, these defendants allegedly attacked U.S. businesses operating in four distinct industry sectors, and violated the privacy of over 78 million people by stealing their PII” said Assistant Attorney General Benczkowski.

Anthem disclosed data breach on 2015, the hackers stole 78.8 million users personal data from Anthem’s computer network that includes names, health identification numbers, dates of birth, Social Security numbers, addresses, telephone numbers, email addresses, employment information, and income data, according to the indictment.

According to the indictment, hackers used advanced sophistication techniques to gain access to the organization’s computer systems. They use specially crafted spearfishing emails which contains hyperlinks that link to malware download from the attacker’s server.

“The indictment alleges that the defendants accessed the computer network of Anthem without authorization to conduct reconnaissance on Anthem’s enterprise data warehouse, a system that stores a large amount of PII, on multiple occasions in October and November 2014.”

They accessed the computer network of Anthem multiple times in January 2015 and transferred the encrypted files that contain PII from Anthem’s enterprise data warehouse from the United States to China.

Also, the defendants deleted the encrypted archive from Anthem’s enterprise data warehouse to avoid detection.

“The FBI investigated this case, Anthem’s cooperation and openness in working with the FBI on the investigation of this sophisticated cyber-attack was imperative in allowing for the identification of these individuals. This also speaks to the strong partnerships the FBI has with the private sector, as well as the tenacity and global reach of the Bureau,” said Special Agent in Charge Grant Mendenhall.”

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

FBI-affiliated Websites Hacked – Hackers Steals Agents Personal data From Websites and Published Online

Two Hackers of Bayrob Malware Gang Convicted for Infecting more than 400,000 Computers Worldwide

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

Evasive Panda Attacking Cloud Services To Steal Data Using New Toolkit

The Evasive Panda group deployed a new C# framework named CloudScout to target a Taiwanese…

5 hours ago

Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files

Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals in…

6 hours ago

Sophisticated Phishing Attack Targeting Ukraine Military Sectors

The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215 against…

6 hours ago

Chinese Hackers Attacking Microsoft Customers With Sophisticated Password Spray Attacks

Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors to…

6 hours ago

New Windows Zero-Day Vulnerability Let Attackers Steal Credentials From Victim’s Machine

A security researcher discovered a vulnerability in Windows theme files in the previous year, which…

6 hours ago

SYS01 InfoStealer Malware Attacking Meta Business Page To Steal Logins

The ongoing Meta malvertising campaign, active for over a month, employs an evolving strategy to…

6 hours ago