US indicts Chinese national in biggest known healthcare hack in its history

10 May, 2019 01:31 / Updated 6 years ago

A Chinese national and another man have been indicted on conspiracy charges to steal personal information and commit fraud by gaining access to the database of America's second-largest health insurer, affecting 80 million people.

According to the indictment unsealed by the US Department of Justice on Thursday, 32-year-old Chinese national Fujie Wang and another suspect identified as John Doe hacked into computers of Anthem Inc. and three other business that have not been named. The suspects are alleged to have duped the employees of Anthem into giving them unimpeded access to the data of 78.8 million customers and employees with "spearfishing" emails. When an employee clicked on a hyperlink in the email, a file was downloaded which infected their computer with malware. The malware included a back door that gave the hackers unauthorized remote access to the company's files.

Also on rt.com ‘Tens of millions’ of records stolen in hack attack on health insurer Anthem

While the hack started in February 2014, it was not discovered by the company, which is the nation's second-largest provider of health insurance, until a year later, when the suspects had already transferred the data, which included personally identifiable information and confidential business information, to "destinations in China."

The men have been charged with one count of conspiracy to commit fraud and identity theft, one count of conspiracy to commit wire fraud, as well as two counts of damaging a protected computer.

When the scope of the attack had first come to light, investigators suggested that a foreign government might be behind the sweeping attack. A team of state insurance commissioners looking into the breach alleged in 2017 that the hackers were hired by a foreign state. Although their report did not identify a purported employer of the malware specialists, speculation was rife that the hack might have originated from China.

The indictment comes at a time of escalating tensions between the US and China over an ongoing trade war and cyber security. The US government's campaign to drive out Chinese telecommunication giant Huawei from the global 5G market is gaining momentum, with Secretary of State Mike Pompeo recently going as far as threatening to end the US-UK “special relationship” if Britain welcomes Huawei into its market. Washington alleges that the telecommunication technology might be used to spy for Beijing, although there is no proof to back this claim.

However, the latest indictment does not imply the hack was perpetrated by a state actor. Assistant Attorney General Benczkowski stated that the job was done by "a brazen China-based computer hacking group" which makes it allegedly responsible for "one of the worst data breaches in history."

The massive data breach spelled years of legal woes for Anthem, in the end costing it over $130 million in record-breaking settlements with affected customers and the Department of Health and Human Services.

Think your friends would be interested? Share this story!