The Equifax Breach Might Have Been a Foreign Intelligence Operation

The Equifax Breach Might Have Been a Foreign Intelligence Operation

When a criminal steals something valuable, like the personal data of 143 million Americans, it’s usually because they want to make money from it. Yet, the data from 2017 Equifax breach has never turned up for sale, and people have been looking! Security professionals are starting to suspect this was not the work of a profit-motivated hacker but rather an incredibly successful intelligence operation aimed at spying on US citizens.

Equifax announced the breach on September 7, 2017, but the breach happened between May and July of that year. Equifax executives learned of the data theft in July, prompting some of them to sell stock before announcing the incident weeks later. Data stolen in the hack included, but was not limited to, Social Security numbers, driver’s license numbers, addresses, and more. It was basically everything you’d need to steal someone’s identity.

US lawmakers passed a bill to make freezing your credit free, and many financial institutions recommended their customers take advantage of the service. Consumers braced themselves for a wave of scams, but they never came. Here we are 17 months later, and the stolen data hasn’t appeared online.

CNBC consulted eight security experts who scour the dark web for stolen data. The “dark web” in question is made up of encrypted sites hosted inside Tor, which makes it difficult or impossible for law enforcement to track down individual users or site operators. That’s why stolen data usually appears for sale on these shady forums, but none of the usual suspects are hocking the Equifax info.

The Equifax Breach Might Have Been a Foreign Intelligence Operation

Early in the investigation, authorities considered two possibilities: The hack was the work of criminals who wanted to sell the data, or that a nation-state was behind the data theft. Sources now say the prevailing theory is that a low-level hacker discovered the exploit but wasn’t skilled enough to swipe multiple terabytes of data without getting caught. So, they sold knowledge of the exploit on the dark web, and the buyer was most likely Russia or China.

Using this data, a foreign power could attempt to identify people with political influence or those who work in US intelligence. Credit reporting data could also include embarrassing information to help coerce someone into becoming an intelligence asset. So, the data might never pop up in the traditional way, but it could still be highly damaging to US interests.

Continue reading

All 50 State AGs Launch Effort to Ban Foreign Robocalls
All 50 State AGs Launch Effort to Ban Foreign Robocalls

As of writing, the task force has already issued 20 civil investigative demands to as many gateway providers, which it says are the source of a majority of foreign robocall traffic.

NASA’s Mars Helicopter Snags Mysterious Foreign Object on 33rd Flight
NASA’s Mars Helicopter Snags Mysterious Foreign Object on 33rd Flight

NASA reports a mysterious "foreign debris object" was hooked on the helicopter's foot for part of the flight before flying off.

UFO Sightings Are Usually Foreign Spying or Space Junk, Government Sources Say
UFO Sightings Are Usually Foreign Spying or Space Junk, Government Sources Say

Aliens don’t sound so intimidating when the alternative is foreign surveillance.