A Chinese national has been indicted by federal prosecutors for his role in a complex data breach scheme targeting four US companies, one of which is health insurance company Anthem.
According to an indictment, 32-year-old Shenzhen resident Fujie Wang, aka Dennis, was part of a hacking group that managed to gain entry into the systems of Anthem and three other companies.
Wang, along with other members of the group, infiltrated the systems using spear-phishing emails that lured employees of the companies to malicious websites. Those websites then installed backdoors on the employees’ computers, which were allegedly exploited by the hackers to penetrate the systems.
The indictment alleged that, in some cases, the hackers would wait months before harvesting sensitive data stored on the networks – presumably to avoid drawing attention to the breach. The intrusions spanned from February 2014 to January 2015.
Ars Technica reported that two of the other unnamed companies affected by the breach were in the technology and basic materials industries. The last one offered communications services.
In total, the hackers exposed the data of 78.8 million people.
Wang’s group started infiltrating Anthem’s systems on February 18, 2014, by sending a spear-phishing email to employees of an Anthem subsidiary. The phishing attempt resulted in at least one of the subsidiary’s computers being infected. The hacking group made its next move on May 13, 2014, accessing Anthem’s network and infecting one of the computers connected to it. Prosecutors said that over the next few months, the hackers instigated other fraudulent acts.
Incident responders finally detected the breach and ejected the hackers in January 2015. It took Wang’s group about nine months before it could break into the enterprise data warehouse that stored Anthem’s customer records.