From espionage to intellectual property theft to sabotage, here’s a look at 20 of the largest Chinese cyberattacks against the United States in the last decade.
China has dramatically increased its cyberattacks against the United States since Chinese Communist Party leader Xi Jinping came to power in 2012.
From espionage to intellectual property theft to sabotage, here is a look at 20 of the largest Chinese cyberattacks against the United States in the last 10 years.
August 2014: Community Health Systems Hack
A state-backed hacking group in China—referred to as APT18—launched an advanced malware attack against Tennessee-based Community Health Systems, one of the nation’s largest hospital health care services.
The group succeeded in exfiltrating the sensitive personal information of more than 4.5 million patients, including their Social Security numbers, phone numbers, addresses, names, and birth dates.
November 2014: NOAA and USPS Hacks
State-backed hackers in China launched malware and DDOS attacks against several government entities, including the U.S. Postal Service (USPS), the National Oceanic and Atmospheric Administration (NOAA), and the Office of Personnel Management.
The personal information of more than 800,000 employees at USPS, as well as that of customers who had called customer services, was exfiltrated. NOAA officials reported that they were immediately able to restore service to four affected websites but had not reported the incident for months, which was a violation of U.S. policy.
June 2015: Office of Personnel Management Hack
The federal government’s primary hiring agency was hacked by state-backed cyber actors in China. More than a million users’ personal information, including names, addresses, and Social Security numbers, were stolen.
Those affected included current and former federal employees and contractors, as well as applicants for federal jobs and individuals listed on background check forms.
The attack was the third and largest of its kind in a matter of weeks and appeared to have specifically targeted data and applications related to U.S. security clearances. As such, the data stolen also included the financial histories and family information of those undergoing federal background checks at the time.
