The United States’ Justice Department deemed two Chinese nationals indicted for hacking health care data, according to The Verge. The attack compromised the sensitive information of around 79 million individuals.
The security breach includes data from health insurance provider Anthem and the others. This occurred in the period from February 2014 to January 2015.
The formal accusation named Chinese nationals Wang Fujie, 32 and an unidentified man only called John Doe. Reports of the incident reveal that the attackers utilized advanced methods to access networks unauthorized. The assault also involved the use of malware and other malicious tools to weaken network security of victims.
The incident first came into public view in February 2015. Reports say that the hackers utilized emails directed to the target organizations, including Anthem. Embedded with malicious links, the breach started once victims clicked on the link, which downloaded and installed the malware.
This resulted in an opening which allowed the attackers to gather personal data including names, employment and income details. Other information compromised by the breach includes health and social security details.
Authorities discovered the exploits in January 2015 when they tracked the domains used by the hackers. The virtual private systems used by the attackers paid through Alipay also made the detection possible.
Assistant Attorney General Brian Benczkowski remarks that the China-based hacking group is “one of the worst data breaches in history.”
Wired notes that some people think that China launched the attack. In fact, above 90% of the DOJ’s cases concerning the so-called ‘economic espionage’ involved China. However, the indictment unsealed by DOJ does not mention motives or affiliations.
Anthem paid $16 million to the U.S. government as a penalty for the privacy violations. Lawyer Josh Minkler says that the breach negatively impacted millions of citizens. The formal complaint also directs the suspects to surrender properties or assets acquired through the attack.
Meanwhile, CNBC has also reported a security breach perpetrated by Chinese nationals Zhu Hua and Zhang Shilong. This attack compromised sensitive details of over 100,000 U.S. Navy members. Some believe that the two are members of a hacking group named “Advanced Persistent Threat 10” or APT10. It is also known as “Red Apollo” and “Stone Panda.” Officials are yet to place the suspects in custody.
It is not clear whether Wang Fujie and John Doe are part of this group.