The Equifax Breach Might Have Been a Foreign Intelligence Operation

The Equifax Breach Might Have Been a Foreign Intelligence Operation

When a criminal steals something valuable, like the personal data of 143 million Americans, it’s usually because they want to make money from it. Yet, the data from 2017 Equifax breach has never turned up for sale, and people have been looking! Security professionals are starting to suspect this was not the work of a profit-motivated hacker but rather an incredibly successful intelligence operation aimed at spying on US citizens.

Equifax announced the breach on September 7, 2017, but the breach happened between May and July of that year. Equifax executives learned of the data theft in July, prompting some of them to sell stock before announcing the incident weeks later. Data stolen in the hack included, but was not limited to, Social Security numbers, driver’s license numbers, addresses, and more. It was basically everything you’d need to steal someone’s identity.

US lawmakers passed a bill to make freezing your credit free, and many financial institutions recommended their customers take advantage of the service. Consumers braced themselves for a wave of scams, but they never came. Here we are 17 months later, and the stolen data hasn’t appeared online.

CNBC consulted eight security experts who scour the dark web for stolen data. The “dark web” in question is made up of encrypted sites hosted inside Tor, which makes it difficult or impossible for law enforcement to track down individual users or site operators. That’s why stolen data usually appears for sale on these shady forums, but none of the usual suspects are hocking the Equifax info.

The Equifax Breach Might Have Been a Foreign Intelligence Operation

Early in the investigation, authorities considered two possibilities: The hack was the work of criminals who wanted to sell the data, or that a nation-state was behind the data theft. Sources now say the prevailing theory is that a low-level hacker discovered the exploit but wasn’t skilled enough to swipe multiple terabytes of data without getting caught. So, they sold knowledge of the exploit on the dark web, and the buyer was most likely Russia or China.

Using this data, a foreign power could attempt to identify people with political influence or those who work in US intelligence. Credit reporting data could also include embarrassing information to help coerce someone into becoming an intelligence asset. So, the data might never pop up in the traditional way, but it could still be highly damaging to US interests.

Continue reading

Scientists Built an Artificial Intelligence to Finish Beethoven’s Tenth Symphony
Scientists Built an Artificial Intelligence to Finish Beethoven’s Tenth Symphony

We don't know what Beethoven meant to do for his unfinished 10th Symphony. But what if we could plug his music into an AI to figure it out?

Space Force Launches New Intelligence-Gathering Satellites
Space Force Launches New Intelligence-Gathering Satellites

GSSAP-5 and GSSAP-6 will allow the new(ish) Air Force branch to collect information on other objects in orbit.

The Human Side of Artificial Intelligence
The Human Side of Artificial Intelligence

Improving machine learning outcomes isn't just a matter of improving AI's computational performance.

What is Artificial Intelligence?
What is Artificial Intelligence?

“To many, AI is just a horrible Steven Spielberg movie. To others, it’s the next generation of learning computers. But what is artificial intelligence, exactly? The answer depends on who you ask. Broadly, artificial intelligence (AI) is the combination of computer science and robust datasets, deployed to solve some kind of problem.Many definitions of artificial…