
Justice Department indicts Chinese hackers allegedly behind Anthem breach

Nearly 80 million records were stolen in the 2015 hack on the health insurance company.

Alfred Ng Senior Reporter / CNET News

The FBI released a wanted poster of the two alleged hackers behind Anthem's breach.


The Justice Department has charged two Chinese hackers accused of stealing millions of records from one of the largest health insurance companies in the US.

On Thursday, the US government announced charges against Fujie Wang and another hacker with three different aliases (Deniel Jack, Kim Young and Zhou Zhihong), accusing the two Chinese nationals of hacking Anthem in 2015. 

"The allegations in the indictment unsealed today outline the activities of a brazen China-based computer hacking group that committed one of the worst data breaches in history," Assistant Attorney General Brian Benczkowski said in a statement.

The hack affected up to 78.8 million people using Anthem, and included sensitive data like names, Social Security numbers, phone numbers, email addresses, income and birthdates, according to court documents. In 2017, Anthem settled a class action lawsuit, agreeing to pay $115 million to the affected victims.

"We are grateful for the support and partnership of the FBI and extended law enforcement team in investigating the sophisticated cyber-attack that Anthem was a victim of in February 2015, and are pleased with the action taken today," an Anthem spokeswoman said in a statement.

According to the indictment, the two are also allegedly behind attacks on three other US companies, including a large tech company and a communication services company.

They were able to access these networks and steal millions of records through spear-phishing emails, prosecutors said in the indictment. Once victims at Anthem and the other three companies clicked on a link in one of the emails, it downloaded a file and deployed malware, granting the attackers remote access, the Justice Department said.

After the hack, Anthem revealed that the stolen data it stored wasn't encrypted, but it's likely that security measures wouldn't have protected the sensitive records. 

Originally published May 9, 1:17 p.m. PT.
Updates, 1:24 p.m.: Adds remarks from the Justice Department; 2:05 p.m.: Includes response from Anthem.