
4 Chinese military personnel indicted for Equifax breach


On January 28, a federal grand jury in Atlanta indicted 4 Chinese military personnel for hacking into the credit reporting agency Equifax between at least May and June 2017 and for stealing Americans’ personal data and Equifax’s trade secrets. The four men — Wang Qian, Xu Ke, Liu Lei and Wu Zhiyong — are members of the 54th Research Institute of the People’s Liberation Army (PLA), that is, the Chinese armed forces, according to the US Department of Justice and the FBI.

What happened? In March 2017, a vulnerability (CVE-2017-9805) was disclosed in the Apache Struts web framework, open-source web-application software that Equifax used for its online dispute portal. The vulnerability allowed attackers to remotely execute code on the targeted web application. Along with the disclosure, the Apache Software Foundation also released a patch for the vulnerability. Equifax reportedly ignored both. As a result, roughly between March 13, 2017 and July 30, 2017, personally identifiable information (PII) of around 145 million Americans was leaked, Equifax disclosed in September 2017.

What kind of data got leaked? According to the indictment, names, birth dates and social security numbers (SSNs) of around 145 million Americans, driving licence numbers of at least 10 million Americans, and credit card numbers of about 200,000 Americans were collected by hackers. PII of nearly a million UK and Canadian citizens was also harvested.

“[I]n a single breach, the PLA obtained sensitive personally identifiable information for nearly half of all American citizens.” — Indictment

Modus operandi: The 4 indicted personnel were residents of Beijing at the time and exploited this vulnerability to gain access to Equifax’s network.

  1. Reconnaissance: The 4 indicted Chinese nationals used this vulnerability as a foothold to conduct reconnaissance of Equifax’s online dispute portal and to obtain login credentials to navigate Equifax’s network, according to the indictment. By running SQL queries, the indicted individuals identified Equifax’s database structure and searched for sensitive PII within the system.
  2. Exfiltration outside the US: After accessing files of interest, they downloaded and exfiltrated the data from Equifax networks to computers outside the US. Through about 9,000 queries, they obtained names, birth dates and social security numbers of around 145 million Americans, the indictment says.
    • Evading detection: To avoid detection, they routed traffic through approximately 34 servers in nearly 20 countries to obfuscate their true location, used encrypted communication channels within Equifax’s network to blend in, and deleted compressed files and log files on a daily basis.

“While doing this, the hackers also stole Equifax’s trade secrets, embodied by the compiled data and complex database designs used to store the personal information,” the US Attorney General William Barr said in his remarks.

What have they been charged with? They have been indicted on 9 counts:

  1. Three counts of conspiracy to commit computer fraud, conspiracy to commit economic espionage, and conspiracy to commit wire fraud
  2. Two counts of unauthorised access and intentional damage to a protected computer
  3. One count of economic espionage
  4. Three counts of wire fraud.

‘Other Chinese illegal acquisitions of sensitive personal data’: Barr said that this attack was on par with “China’s voracious appetite for the personal data of Americans” which has included the theft of personnel records from the US Office of Personnel Management, the intrusion into Marriott hotels, and Anthem health insurance company.

The Chinese state is sponsoring attacks on American companies: Barr said that cases in the US revealed “a pattern of state-sponsored computer intrusions and thefts by China targeting trade secrets and confidential business information”. One such group is known as APT 10, which allegedly worked in association with the Chinese Ministry of State Security to target managed service providers and their clients worldwide across industries.

“Indeed, about 80 percent of our economic espionage prosecutions have implicated the Chinese government, and about 60 percent of all trade secret theft cases in recent years involved some connection to China.” — William Barr, US Attorney General

Written By

Send me tips at aditi@medianama.com. Email for Signal/WhatsApp.


MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ
