Chinese hacking: 5 major cases of Beijing-linked cyber intrusion

Amid the growing political and economic influence of China, attention has turned to Beijing’s concerted efforts to collect data on Americans and steal scientific research.

In 2015, Chinese President Xi Jinping promised then-President Barack Obama that his country would stop such practices. But, China has continued its intrusion into U.S. cybersecurity unabated.

Here are five major cyberattacks linked to China:


Earlier this month, the Justice Department charged four members of the Chinese military with breaking into the computer networks of the credit-reporting agency Equifax and stealing the personal information of millions of Americans.

The four defendants, all members of the People’s Liberation Army,  also stood accused of stealing Equifax’s trade secrets.

Experts monitoring the dark web said they saw no evidence of data stolen in the Equifax hack being sold to common criminals for ID theft and credit card fraud, suggesting Beijing’s motive was more about espionage than stealing trade secrets.

U.S. Office of Personnel Management

In June 2015, the U.S. Office of Personnel Management announced that it had been targeted in a cyberattack that compromised the personal data of over 21 million current, former and prospective federal employees.

The U.S. Office of Personnel Management announced it was the victim of a massive cyberattack in 2015.

The U.S. Office of Personnel Management announced it was the victim of a massive cyberattack in 2015. (Facebook/@USOPM)

Although the first hacker was detected in March 2014, a second intruder went undetected until April 2015, by which time data on security clearances, background checks, and fingerprint records had been extracted, investigators said. A House inquiry found the hack likely was the work of “Deep Panda,” a group linked to the Chinese military.

Marriott International

Marriott International announced in November 2018 that it had suffered a security breach on a massive scale, with the personal details of approximately 500 million guests having been exposed.

As early as 2014, hackers began extracting data, including credit and passport numbers, birth dates, phone numbers, and hotel arrival and departure dates on Marriott’s guests. The breach went undetected for four years and affected hotels in the Starwood chain that Marriott acquired in 2016, officials said.

Analysts noted that information from hotels – common venues for extramarital affairs and corporate espionage – could be used for blackmail and counterespionage. Attorney General William Barr has blamed the hack on Chinese agents.


Between 2014 and 2015, hackers stole personal data on nearly 80 million current and former customers and employees of Anthem, an Indiana-based health insurer. Stolen data included Social Security numbers, birth dates, employment details, incomes and street addresses.

Officials with Symantec, a cybersecurity firm, said the hack was believed to be the work of a well-resourced Chinese group called Black Vine that had been conducting cyber espionage against aerospace, energy and health care industries.


U.S. Universities

In March 2019, iDefense, a cybersecurity intelligence unit of Accenture Security, reported that several American universities had been targeted by Chinese hackers looking to steal maritime military technology and secrets.


The cybersecurity unit had identified the targeted universities by observing that their networks were pinging servers located in China that were suspected to be controlled by a Chinese hacking group known interchangeably as TEMP.Persicope, Leviathan, or Mudcarp, according to reporting from The Wall Street Journal.

The Associated Press contributed to this report.