Equifax data breach was China's doing, according to the US government

Ominous-looking monochrome hoodies superimposed by Chinese flag and bits and bytes.
(Image credit: BeeBright/Shutterstock)

The U.S. Department of Justice today accused four members of China's People's Liberation Army (PLA) of pulling off the 2017 Equifax hack, arguably the most serious data theft in American history. 

"This was a deliberate and sweeping intrusion into the private information of the American people," Attorney General William P. Barr said at a press conference today (Feb. 10). 

"Today, we hold PLA hackers accountable for their criminal actions, and we remind the Chinese government that we have the capability to remove the Internet's cloak of anonymity and find the hackers that nation repeatedly deploys against us."

The Equifax hack resulted in the theft of personal data belonging to 146 million U.S. residents, whose names, addresses, dates of birth and Social Security numbers were compromised. Approximately 400,000 British residents and 100,000 Canadians were also affected.

Indictments returned in secret last week by a grand jury in Atlanta, where Equifax is based, charged Wu Zhiyong, Wang Qian, Xu Ke and Liu Lei with nine criminal counts each: conspiracy to commit computer fraud, conspiracy to commit economic espionage, conspiracy to commit wire fraud, unauthorized access to a protected computer, intentional damage to a protected computer, economic espionage and three counts of wire fraud. 

It is not clear whether the four individuals are civilians working for the PLA or active-duty members of the Chinese military. No military ranks were given for any of the defendants in the indictment, but the four were said to be members of the PLA's 54th Research Institute. (Update: A wanted poster put up online by the FBI shows photos allegedly of Wu and Xu wearing military uniforms.)

  • More: Traveling to China? You need the best China VPN

The four men suspected of hacking Equifax.

(Image credit: FBI)

China was always suspected

Suspicion that the Equifax hack was carried out by Chinese government agents surfaced soon after the massive data theft was disclosed in September 2017. 

Even though the attackers reportedly had access to Equifax's systems from May through July of 2017, and the stolen information put half the U.S. population at severe risk of identity theft, none of the pilfered data was offered for sale in cybercrime marketplaces, nor was it used for other criminal purposes. 

Other huge data thefts that resulted in no uptick in criminal activity are thought to be the work of Chinese government agents. Those include the Starwood Hotels breach of early 2019 and the devastating 2015 Office of Personnel Management data breach, in which records of 21.5 million U.S. current, former and prospective government employees were stolen. 

The prevailing theory among American experts is that Chinese intelligence agencies use this data to find information on and track the movements of Western politicians, military leaders, corporate officers and intelligence officers.  

Equifax is in the process of settling a $380 million class-action lawsuit related to the breach. The window to file for compensation related to the breach recently closed, but it doesn't look like individual claimants will get much.

Paul Wagenseil

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.