US Attorney General Bill Barr announced yesterday that four employees of China’s military have been charged with the 2017 Equifax breach. The defendants, who work for the 54th Research Institute of the Chinese People’s Liberation Army (PLA) were indicted for hacking into servers owned by Equifax and stealing sensitive, personally identifying information of approximately 145 million Americans. The defendants gained access by exploiting a vulnerability in the Apache Struts Web Framework software, which was used by Equifax’s online dispute portal. The charges also allege that the hackers stole trade secrets from Equifax. The indictment states that the attackers used the initial access to steal passwords for other accounts and expand their access to other computers, operating over the course of several weeks. The stolen information was routed through approximately 34 servers in nearly 20 countries in an attempt to disguise the source of the intrusion. Equifax cooperated with the investigation by providing evidence of IP addresses and malware used by the hackers, which enabled the law enforcement investigation to uncover the true source of the intrusion.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.