Stolen data and spy recruitment

NICK EICHER, HOST: Next up on The World and Everything in It: international intrigue. 

That’s right, a mystery with spies and huge financial stakes: and you may be in the middle of it. Or, your personal information, anyway. 

Back in 2017, the credit ratings agency Equifax made headlines when hackers broke into its servers. They stole Social Security numbers, driver’s license numbers, information from credit disputes, and other personal details from 140 million people.

MARY REICHARD, HOST: Who orchestrated that attack? Turns out, the answer may be unexpected. WORLD correspondent Katie Gaultney did some research and joins us now to talk about who or what was behind that massive information heist. 

Katie, it sounds like this wasn’t just your run-of-the-mill data breach.

KATIE GAULTNEY, REPORTER: It definitely wasn’t.

REICHARD: What sets it apart?

GAULTNEY: Yeah, you know my information was actually a part of that breach from 2017, and I think it’s the closest I’ll ever get to a James Bond-level thriller. [Laughter] I mean, I joke about it, but the reality is these consumer data breaches feel unsurprising, almost, nowadays. In just the last few years, major retailers like Home Depot and Target were the subject of high profile cases of hackers who stole personal information from shoppers. But this Equifax one took an interesting turn that the others didn’t: Investigators can’t figure out who has the stolen information. In similar cases, there will be a sort of trail that leads investigators to the source of the breach. But in this case, cybersecurity managers, financial execs, even government officials, say that there isn’t a trail leading to the personal information of those 143 million people, not even on the dark web. It’s just gone.

REICHARD: So, “poof,” gone? On the one hand, I feel like I should be relieved, but I have a feeling that’s not necessarily good news. What are the theories about who was behind the attack, and where the information is now? 

GAULTNEY: That’s where things get really interesting. Experts close to the situation now believe the information wasn’t ever intended to be used for stealing someone’s identity or for any kind of financial gain. The theory is that a foreign government stole the information for the purpose of recruiting spies.

REICHARD: Really! Okay, that’s a huge leap from using stolen credit card info for a spending spree to using those details to recruit a spy ring. What makes them suspect it was foreign espionage?

GAULTNEY: Basically, when a breach of this magnitude happens, security experts spot it almost immediately. Cyberthieves usually turn around and sell what they’ve stolen right away, and that info going up for sale on the dark web is often how security experts discover breaches. But in this case, Equifax says there is no indication whatsoever that the data has been disclosed publicly.

REICHARD: So this is not being marketed for sale, and appears never to have been marketed on the dark web. Yet authorities are pointing the finger at a foreign government. Doesn’t that seem like a stretch?

GAULTNEY: You’re right, it does. On some level this is a shot in the dark. Some analysts say a criminal may have stolen the information, but been too afraid to put it up for sale. The thief may just be sitting on it. But one former senior intelligence official who worked on the Equifax investigation told CNBC that the prevailing theory is an unsophisticated hacker exploited Equifax’s security vulnerabilities, then worked with an underground criminal network to sell information about that vulnerability to either the Chinese or Russian governments. One of them was then able to capture huge quantities of data through that weakness.

REICHARD: Okay, so if Russia or China is behind this, how does someone’s credit information show that they’d make a good spy?

GAULTNEY: Well, the credit information alone won’t identify candidates for foreign espionage. But it will reveal who is in financial distress, and who may be willing to spy in exchange for a good chunk of money. So, people in positions of government influence who are having financial difficulties are prime targets. Younger people with political aspirations, who may be assets for years to come; overseas members of the CIA. And not just government officials, but also those who are involved with the operations of U.S. corporate data centers, or financial executives in the tech field. Basically, if the spy theory bears out, these foreign actors are likely looking for people with access and power, or potential power, who may be easy to bribe.

REICHARD: Does this mean all those credit monitoring services aren’t going to be necessary for your average American, in this case?

GAULTNEY: Exactly. Experts still say credit freezes and credit monitoring services are the best way to guard against personal credit breaches—or become aware of a breach of your personal information. But ultimately, the real headline here is that it’s looking like you and I are not going to be recruited as Russian spies any time soon.

REICHARD: Well, so much for being in a James Bond-style caper, I guess. Katie Gaultney is a WORLD correspondent based in Dallas. Katie, thank you for this report.

GAULTNEY: You’re welcome, Mary.

(Photo/Associated Press, Elise Amendola)

WORLD Radio transcripts are created on a rush deadline. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of WORLD Radio programming is the audio record.