
The US says the Chinese military hacked Equifax. Here’s how.

William Barr (Getty Images)

The data breach at US credit agency Equifax in 2017 was one of the biggest thefts of sensitive personal information of all time—and according to a new indictment unveiled today by the US Department of Justice, it was carried out by Chinese military hackers.

Attorney General William Barr announced charges against four Chinese military hackers for breaking into Equifax and stealing trade secrets as well as the personal data of 145 million Americans, nearly half the population.

The tactics: A critical vulnerability in web application software used by Equifax was publicly disclosed on March 7, 2017. Equifax had still not updated or fixed it two months later, when US authorities say Chinese hackers were actively using it to break into Equifax’s networks and computers to steal sensitive data including names, birth dates, and Social Security numbers.

The attackers: The newly unsealed indictment names Wu Zhiyong, Wang Qian, Xu Ke, and Liu Lei as the responsible hackers, identifying them as members of the Chinese People’s Liberation Army’s 54th Research Institute. 

The indictment, the result of a two-year investigation, details how these Chinese operatives worked to access, steal, and make off with the mountains of data. The hackers “ran approximately 9,000 [SQL] queries on Equifax’s system,” says the indictment, and “created an archive containing 49 directories. Once created ... split it into 600MB segments which were then downloaded from the Equifax network to a Dutch server via HTTP.”

“This data has economic value, and these thefts can feed China’s development of artificial-intelligence tools or intelligence-targeting packages,” Barr said at the Justice Department today.

The big picture: “Today, we hold PLA hackers accountable for their criminal actions, and we remind the Chinese government that we have the capability to remove the Internet’s cloak of anonymity and find the hackers that nation repeatedly deploys against us,” Barr said. “Unfortunately, the Equifax hack fits a disturbing and unacceptable pattern of state-sponsored computer intrusions and thefts by China and its citizens that have targeted personally identifiable information, trade secrets, and other confidential information.”

Today’s announcement is the latest in a growing list of US indictments against Chinese hackers who American officials say are engaged in a national strategy of stealing American intellectual property and data as a way to challenge and surpass the US on the world stage. Chinese officials have repeatedly denied hacking charges.
