Equifax’s massive data breach, which potentially exposed the personal information of 143 million consumers and the credit card numbers of 209,000 U.S. consumers, has some thinking it was state-sponsored.
According to a news report in Bloomberg, unnamed sources contend that investigations into the hack are revealing signs that a government was involved in the data breach. The sources said that while the hackers who initially breached Equifax weren’t super sophisticated or experienced, they did shift control of the breach to what is deemed more sophisticated hackers.
The report noted that some evidence hints at Chinese intelligence agents, given that a lot of the tools used in the breach came from China. What’s more, there are similarities with the breaches that went after Anthem, the health insurance company and the U.S. government’s Office of Personnel Management, which was connected to China. The report noted that none of the stolen data has yet to turn up on the internet, which implies there’s no sense of urgency to cash in from the hack.
While sources are pointing to China as the culprit for the data breach, others aren’t too sure, with some telling Bloomberg that the evidence is inconclusive or actually points to other places. One person briefed on an inquiry being conducted by the Federal Bureau of Investigations and other U.S. intelligence agencies told Bloomberg that there is evidence it was nation-sponsored hacking, but that China wasn’t behind it. The source wouldn’t divulge which country the evidence is pointing to, as that is classified information.
Bloomberg noted that Mandiant, the security consulting company hired by Equifax to find out who was behind the breach, said on Sept. 19 in a report distributed to Equifax clients that it didn’t have enough information to pinpoint the attackers or their countries of origin.