How Chinese army hackers allegedly stole personal info

How Chinese army hackers allegedly stole personal info


Chinese military hackers exploited a flaw in software that allowed U.S. consumers to dispute problems with their Equifax credit reports, giving the hackers access to the personal information of 145 million Americans, according to a criminal indictment unsealed Monday.

The 2017 breach occurred after Equifax security officials failed to install a software upgrade that had been recommended to seal off digital intruders from obtaining access to the names, birth dates and social security numbers of the victims, the indictment says.

The U.S. Department of Justice on Monday announced that a federal grand jury in Atlanta had delivered a nine-count indictment accusing four hackers and members of China’s People’s Liberation Army – Wu Zhiyong, Wang Qian, Xu Ke and Liu Lei – of serving as masterminds of the hack.

FBI Deputy Director Bowdich said there’s no evidence the Chinese military has used the stolen information for any illegal purposes. But he said the “brazen theft” illustrates that “China is one of the most significant threats to our national security today.”

Equifax hacking:Four members of Chinese army charged with stealing 145 million Americans’ data

Security group:Equifax had patch 2 months before hack and didn’t install it

FILE- This July 21, 2012, file photo shows signage at the corporate headquarters of Equifax Inc. in Atlanta. On Wednesday, March 28, 2018, Equifax announced that Mark Begor will become its CEO as the credit reporting company continues to try to recover from fallout surrounding a massive data breach. (AP Photo/Mike Stewart, File) ORG XMIT: NYBZ327

From a technical perspective, the breach unfolded like a classic robbery.

The criminals identified a flaw in Equifax’s security system, executed a plan of attack to penetrate the system and devised a scheme to cover their tracks on their way out.

According to the indictment, the hackers:

• Recognized that Equifax had failed to install an upgrade to Apache Struts software, which Apache had recommended around March 7, 2017, and was then flagged by the U.S. Computer Emergency Readiness Team as a security threat. The software underpinned an online portal that allowed consumers to dispute their credit report details. 


Source link

Categorized as Business

By Bernice Caldwell

Bernice is one of the finest authors Industry News Today portal has until now. Bernice's linguistic and well-written technique is one of the plus points that have the readers glued to her articles. Bernice currently heads the Healthcare and Services domain as her knowledge on the medical topics is immense. She has just joined the Industry News Today portal 6 Months back but the love for writing can be very well seen. She may be short on experience but it has definitely not stopped her from presenting some of the finest articles. Bernice is currently a very well-known personality on the portal to have shown her skillful writing in such a limited time span.

Leave a comment

Your email address will not be published.