Skip to Content
Computing

Chinese hackers allegedly stole data of more than 100,000 US Navy personnel

December 20, 2018

That’s one of the stunning allegations against two Chinese government hackers in an indictment issued today by America’s Department of Justice (DOJ).
 
The news: The indictment accuses the two hackers, Zhu Hua and Zhang Shilong, of working for a group with links to China’s Ministry of State Security, the country’s main intelligence agency. Dubbed Advanced Persistent Threat 10, or APT 10, by security researchers, the group mainly aimed to steal intellectual property, but it also scooped up information about US military personnel, including Social Security numbers, dates of birth, and salaries. The US Navy reportedly has somewhere around 330,000 active duty members, so the hack likely affected a significant percentage of them.
 
International sweep: By sneaking into the computers of a US company that manages IT systems remotely for other businesses, the Chinese hackers were allegedly able to access computers at more than 45 companies in a dozen countries, including the US, the UK, Australia, India, and Japan. After the DOJ’s announcement, the British foreign secretary called the APT 10 activity “one of the most significant and widespread intrusions against the UK and allies uncovered to date.”
 
Growing tensions: The indictment comes at a time when US-China relations have already been strained by a trade war and the arrest in Canada of Meng Wanzhou, the CFO of Huawei, a Chinese telecom giant that is at the center of a debate over network security. Meng, who faces extradition to the US, is accused of covering up efforts by Huawei to circumvent US sanctions on Iran. She denies any wrongdoing, and China has demanded her release. There are also strong suspicions that Chinese agents may have been behind the recent mega-hack of the Marriott hotel chain.

Deep Dive

Computing

Everything dies, including information

Digitization can help stem the tide of entropy, but it won’t stop it.

Moving money in a digital world

Security is the critical element to expanding digital-first payments.

Cyber resilience melds data security and protection

Organizations face pervasive and sophisticated cyberattacks, but modern data protection techniques can provide a multifaceted defense.

A new age of disaster recovery planning for SMEs

How cybersecurity threats have morphed, why SMEs need to plan for disaster recovery, and what they should do about it.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.