The United States Justice Department today announced charges against a Chinese hacker and his hacking team member for their alleged role in the 2015 massive data breach at health insurance giant Anthem and three other unnamed American companies.
Fujie Wang (王 福 杰) and another hacker named John Doe with three different aliases—Deniel Jack, Kim Young, and Zhou Zhihong—are charged with four counts of conspiracy to commit fraud, wire fraud, and damage to a protected computer, according to an indictment [pdf] unsealed today in federal court in Indianapolis.
In 2015, the hackers managed to breach Anthem, the country’s second-largest health insurance company and stole personal information of over 80 Millions of its customers, including their Social Security Numbers, birthdates, email addresses, residential addresses, medical identification numbers, employment information, and income data.
The incident marked as one of the worst data breaches in history, with the company paying a record $115 million fine to settle U.S. lawsuits.
According to the indictment, the hackers used sophisticated techniques, including spearfishing, to hack into the computer networks of the targeted businesses and then installed malware on their computers to further compromise the networks and gain access to sensitive users’ data and confidential business information.
“As part of this international computer hacking scheme, the indictment alleges that beginning in February 2014, the defendants used sophisticated techniques to hack into the computer networks of the victim businesses without authorisation,” the DoJ says.
“On multiple occasions in January 2015, the defendants accessed the computer network of Anthem, accessed Anthem’s enterprise data warehouse, and transferred encrypted archive files containing PII from Anthem’s enterprise data warehouse from the United States to China.”
images from Hacker News