A wanted poster of four Chinese PLA members, 54th Research Institute wanted by the Federal Bureau of Investigation (FBI) in Washington,DC. Photograph:( AFP )
Equifax breach exposed the names, Social Security numbers and addresses of more than 22 million current and former US federal employees and contractors, as well as 5.6 million fingerprints.
The US Justice Department on Monday announced indictments against four members of China's People's Liberation Army for alleged involvement in the massive 2017 hack of the database of giant US credit rating agency Equifax.
The hackers are accused of stealing the sensitive personal information on some 145 million Americans in one of the world's largest-ever data breaches, said Attorney General Bill Barr.
"This was a deliberate and sweeping intrusion into the private information of the American people," he said.
Four members of the Chinese army's 54th Research Institute Wu Zhiyong, Wang Qian, Xu Ke and Liu Lei were charged with multiple counts of hacking, computer fraud, economic espionage and wire fraud.
Officials said it took well over a year to track them through the 34 servers in 20 countries they allegedly used to hide their tracks.
"This was an organized and remarkably brazen criminal heist of sensitive information of nearly half of all Americans, as well as the hard work and intellectual property of an American company, by a unit of the Chinese military," Barr said.
Watch: The exorbitant cost of quitting people's liberation army
The hack stunned US intelligence officials, following a similar intrusion on the civil service database of the Office of Personnel Management (OPM), also blamed on the Chinese.
That breach exposed the names, Social Security numbers and addresses of more than 22 million current and former US federal employees and contractors, as well as 5.6 million fingerprints.
The Equifax data breach, because it was so large and involved so much sensitive financial information on so many Americans, had far-reaching implications for Equifax and the consumer credit industry.
The company agreed to pay up to $700 million to settle claims it broke the law during the data breach and to repay harmed consumers.