U.S. Justice Department Launches Investigation of University of California Under Title VII of the Civil Rights Act of 1964

Source: United States Department of Justice Criminal Division

The Federal Task Force to Combat Anti-Semitism announced that the Justice Department has opened a civil pattern or practice investigation into the University of California (UC) under Title VII of the Civil Rights Act of 1964. The investigation will assess whether UC has engaged in a pattern or practice of discrimination based on race, religion and national origin against its professors, staff and other employees by allowing an Antisemitic hostile work environment to exist on its campuses.

“This Department of Justice will always defend Jewish Americans, protect civil rights, and leverage our resources to eradicate institutional Antisemitism in our nation’s universities,” said Attorney General Pamela Bondi.

“Our country has witnessed a disturbing rise of Antisemitism at educational institutions in California and nationwide,” said Acting Associate Attorney General and Department of Justice Chief of Staff Chad Mizelle. “The Department of Justice is committed to upholding Title VII of the Civil Rights Act and protecting Jewish Americans as we investigate this potential pattern of discrimination.”

Leading Task Force member and Senior Counsel to the Assistant Attorney General for Civil Rights Leo Terrell said, “Following the October 7, 2023 Hamas terror attacks in Israel, there has been an outbreak of antisemitic incidents at leading institutions of higher education in America, including at my own alma mater at the UCLA campus of UC. The impact upon UC’s students has been the subject of considerable media attention and multiple federal investigations. But these campuses are also workplaces, and the Jewish faculty and staff employed there deserve a working environment free of antisemitic hostility and hate. The President, the Attorney General and this Task Force are committed to combatting antisemitism for all Jewish Americans.”

The employment discrimination investigation will be conducted pursuant to Title VII of the Civil Rights Act of 1964, which prohibits employment discrimination on the basis of race, color, national origin, sex, and religion. Under Title VII, the Justice Department has the authority to initiate investigations against state and local government employers where it has reason to believe that a “pattern or practice” of employment discrimination exists.

Collaboration between the Justice Department and other federal agencies plays an important role in combating antisemitism in schools and college campuses. The Department coordinates with other federal agencies as part of the multi-agency Task Force to Combat Anti-Semitism, as well as when sharing enforcement jurisdiction with other agencies. For state and local governments and related entities like public universities, the Department of Justice shares enforcement authority under Title VII with the Equal Employment Opportunity Commission (EEOC). The EEOC receives, investigates, and conciliates EEOC charges against state- and local-government employers, before referring those charges to the Civil Rights Division of the Department of Justice for potential litigation.

“The EEOC is committed to partnering with the Department of Justice to stamp out the scourge of anti-Semitism on campus workplaces,” said EEOC Acting Chair Andrea Lucas.

If you have been discriminated against, you can file a complaint with the Civil Rights Division, at Contact the Civil Rights Division | Department of Justice (https://civilrights.justice.gov). If you work for an university or college and have experienced anti-Semitic harassment at work, you can file a charge with the EEOC, at How to File a Charge of Employment Discrimination | U.S. Equal Employment Opportunity Commission (https://www.eeoc.gov/how-file-charge-employment-discrimination). Learn more about addressing anti-Semitism at work here: What To Do If You Face Antisemitism at Work.

President Trump’s Executive Order can be found here: Additional Measures to Combat Anti-Semitism – The White House.

Security News: U.S. Justice Department Launches Investigation of University of California Under Title VII of the Civil Rights Act of 1964

Source: United States Department of Justice 2

The Federal Task Force to Combat Anti-Semitism announced that the Justice Department has opened a civil pattern or practice investigation into the University of California (UC) under Title VII of the Civil Rights Act of 1964. The investigation will assess whether UC has engaged in a pattern or practice of discrimination based on race, religion and national origin against its professors, staff and other employees by allowing an Antisemitic hostile work environment to exist on its campuses.

“This Department of Justice will always defend Jewish Americans, protect civil rights, and leverage our resources to eradicate institutional Antisemitism in our nation’s universities,” said Attorney General Pamela Bondi.

“Our country has witnessed a disturbing rise of Antisemitism at educational institutions in California and nationwide,” said Acting Associate Attorney General and Department of Justice Chief of Staff Chad Mizelle. “The Department of Justice is committed to upholding Title VII of the Civil Rights Act and protecting Jewish Americans as we investigate this potential pattern of discrimination.”

Leading Task Force member and Senior Counsel to the Assistant Attorney General for Civil Rights Leo Terrell said, “Following the October 7, 2023 Hamas terror attacks in Israel, there has been an outbreak of antisemitic incidents at leading institutions of higher education in America, including at my own alma mater at the UCLA campus of UC. The impact upon UC’s students has been the subject of considerable media attention and multiple federal investigations. But these campuses are also workplaces, and the Jewish faculty and staff employed there deserve a working environment free of antisemitic hostility and hate. The President, the Attorney General and this Task Force are committed to combatting antisemitism for all Jewish Americans.”

The employment discrimination investigation will be conducted pursuant to Title VII of the Civil Rights Act of 1964, which prohibits employment discrimination on the basis of race, color, national origin, sex, and religion. Under Title VII, the Justice Department has the authority to initiate investigations against state and local government employers where it has reason to believe that a “pattern or practice” of employment discrimination exists.

Collaboration between the Justice Department and other federal agencies plays an important role in combating antisemitism in schools and college campuses. The Department coordinates with other federal agencies as part of the multi-agency Task Force to Combat Anti-Semitism, as well as when sharing enforcement jurisdiction with other agencies. For state and local governments and related entities like public universities, the Department of Justice shares enforcement authority under Title VII with the Equal Employment Opportunity Commission (EEOC). The EEOC receives, investigates, and conciliates EEOC charges against state- and local-government employers, before referring those charges to the Civil Rights Division of the Department of Justice for potential litigation.

“The EEOC is committed to partnering with the Department of Justice to stamp out the scourge of anti-Semitism on campus workplaces,” said EEOC Acting Chair Andrea Lucas.

If you have been discriminated against, you can file a complaint with the Civil Rights Division, at Contact the Civil Rights Division | Department of Justice (https://civilrights.justice.gov). If you work for an university or college and have experienced anti-Semitic harassment at work, you can file a charge with the EEOC, at How to File a Charge of Employment Discrimination | U.S. Equal Employment Opportunity Commission (https://www.eeoc.gov/how-file-charge-employment-discrimination). Learn more about addressing anti-Semitism at work here: What To Do If You Face Antisemitism at Work.

President Trump’s Executive Order can be found here: Additional Measures to Combat Anti-Semitism – The White House.

Justice Department Charges 12 Chinese Contract Hackers and Law Enforcement Officers in Global Computer Intrusion Campaigns

Source: United States Department of Justice

Note: View the indictments in U.S. v. Wu Haibo et al., U.S. v. Yin Kecheng, U.S. v. Zhou Shuai et al. here.

The Justice Department, FBI, Naval Criminal Investigative Service, and Departments of State and the Treasury announced today their coordinated efforts to disrupt and deter the malicious cyber activities of 12 Chinese nationals, including two officers of the People’s Republic of China’s (PRC) Ministry of Public Security (MPS), employees of an ostensibly private PRC company, Anxun Information Technology Co. Ltd. (安洵信息技术有限公司) also known as “i-Soon,” and members of Advanced Persistent Threat 27 (APT27).

These malicious cyber actors, acting as freelancers or as employees of i-Soon, conducted computer intrusions at the direction of the PRC’s MPS and Ministry of State Security (MSS) and on their own initiative. The MPS and MSS paid handsomely for stolen data. Victims include U.S.-based critics and dissidents of the PRC, a large religious organization in the United States, the foreign ministries of multiple governments in Asia, and U.S. federal and state government agencies, including the U.S. Department of the Treasury (Treasury) in late 2024.

“The Department of Justice will relentlessly pursue those who threaten our cybersecurity by stealing from our government and our people,” said Sue J. Bai, head of the Justice Department’s National Security Division. “Today, we are exposing the Chinese government agents directing and fostering indiscriminate and reckless attacks against computers and networks worldwide, as well as the enabling companies and individual hackers that they have unleashed. We will continue to fight to dismantle this ecosystem of cyber mercenaries and protect our national security.”

“The FBI is committed to protecting Americans from foreign cyber-attacks,” said Assistant Director Bryan Vorndran of the FBI’s Cyber Division. “Today’s announcements reveal that the Chinese Ministry of Public Security has been paying hackers-for-hire to inflict digital harm on Americans who criticize the Chinese Communist Party (CCP). To those victims who bravely came forward with evidence of intrusions, we thank you for standing tall and defending our democracy. And to those who choose to aid the CCP in its unlawful cyber activities, these charges should demonstrate that we will use all available tools to identify you, indict you, and expose your malicious activity for all the world to see.”

According to court documents, the MPS and MSS employed an extensive network of private companies and contractors in China to hack and steal information in a manner that obscured the PRC government’s involvement. In some cases, the MPS and MSS paid private hackers in China to exploit specific victims. In many other cases, the hackers targeted victims speculatively. Operating from their safe haven and motivated by profit, this network of private companies and contractors in China cast a wide net to identify vulnerable computers, exploit those computers, and then identify information that it could sell directly or indirectly to the PRC government. The result of this largely indiscriminate approach was more worldwide computer intrusion victims, more systems worldwide left vulnerable to future exploitation by third parties, and more stolen information, often of no interest to the PRC government and, therefore, sold to other third-parties. Additional information regarding the indictments and the PRC’s hacker-for-hire ecosystem is available in Public Service Announcements published by the FBI today.

U.S. v. Wu Haibo et al., Southern District of New York

Today, a federal court in Manhattan unsealed an indictment charging eight i-Soon employees and two MPS officers for their involvement, from at least in or around 2016 through in or around 2023, in the numerous and widespread hacking of email accounts, cell phones, servers, and websites. The Department also announced today the court-authorized seizure of the primary internet domain used by i-Soon to advertise its business.

“State-sponsored hacking is an acute threat to our community and national security,” said Acting U.S. Attorney Matthew Podolsky for the Southern District of New York. “For years, these 10 defendants — two of whom we allege are PRC officials — used sophisticated hacking techniques to target religious organizations, journalists, and government agencies, all to gather sensitive information for the use of the PRC. These charges will help stop these state-sponsored hackers and protect our national security. The career prosecutors of this office and our law enforcement partners will continue to uncover alleged state-sponsored hacking schemes, disrupt them, and bring those responsible to justice.”

The defendants remain at large and wanted by the FBI. Concurrent with today’s announcement,  the U.S. Department of State’s Rewards for Justice (RFJ) program, administered by the Diplomatic Security Service, announced a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, engages in certain malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act. The reward is offered for the following individuals who are alleged to have worked in various capacities to direct or carry out i-Soon’s malicious cyber activity:

  • Wu Haibo (吴海波), Chief Executive Officer
  • Chen Cheng (陈诚), Chief Operating Officer
  • Wang Zhe (王哲), Sales Director
  • Liang Guodong (梁国栋), Technical Staff
  • Ma Li (马丽), Technical Staff
  • Wang Yan (王堰), Technical Staff
  • Xu Liang (徐梁), Technical Staff
  • Zhou Weiwei (周伟伟), Technical Staff
  • Wang Liyu (王立宇), MPS Officer
  • Sheng Jing (盛晶), MPS Officer

i-Soon and its employees, to include the defendants, generated tens of millions of dollars in revenue as a key player in the PRC’s hacker-for-hire ecosystem. In some instances, i-Soon conducted computer intrusions at the request of the MSS or MPS, including cyber-enabled transnational repression at the direction of the MPS officer defendants. In other instances, i-Soon conducted computer intrusions on its own initiative and then sold, or attempted to sell, the stolen data to at least 43 different bureaus of the MSS or MPS in at least 31 separate provinces and municipalities in China. i-Soon charged the MSS and MPS between approximately $10,000 and $75,000 for each email inbox it successfully exploited. i-Soon also trained MPS employees how to hack independently of i-Soon and offered a variety of hacking methods for sale to its customers.

The defendants’ U.S.-located targets included a large religious organization that previously sent missionaries to China and was openly critical of the PRC government and an organization focused on promoting human rights and religious freedom in China. In addition, the defendants targeted multiple news organizations in the United States, including those that have opposed the CCP or delivered uncensored news to audiences in Asia, including China and the New York State Assembly, one of whose representatives had communicated with members of a religious organization banned in China.

The defendants’ foreign-located targets included a religious leader and his office, and a Hong Kong newspaper that i-Soon considered as being opposed to the PRC government. The defendants also targeted the foreign ministries of Taiwan, India, South Korea, and Indonesia.

Assistant U.S. Attorneys Ryan B. Finkel, Steven J. Kochevar, and Kevin Mead for the Southern District of New York and Trial Attorney Gregory J. Nicosia Jr. of the National Security Division’s National Security Cyber Section are prosecuting the case.

U.S. v. Yin Kecheng and U.S. v. Zhou Shuai et al., District of Columbia

Today, a federal court unsealed two indictments charging APT27 actors Yin Kecheng (尹可成) and Zhou Shuai (周帅) also known as “Coldface” for their involvement in the multi-year, for-profit computer intrusion campaigns dating back, in the case of Yin, to 2013. The Department also announced today court-authorized seizures of internet domains and computer server accounts used by Yin and Zhou to facilitate their hacking activity.

The defendants remain at large. View the FBI’s Wanted posters for Shuai and Kecheng here.

Concurrent with today’s announcement, the Department of States State’s Bureau of International Narcotics and Law Enforcement Affairs is announcing two reward offers under the Transnational Organized Crime Rewards Program (TOCRP) of up to $2 million each for information leading to the arrests and convictions, in any country, of malicious cyber actors Yin Kecheng and Zhou Shuai, both Chinese nationals residing in China.

“These indictments and actions show this office’s long-standing commitment to vigorously investigate and hold accountable Chinese hackers and data brokers who endanger U.S. national security and other victims across the globe,” said Interim U.S. Attorney Edward R. Martin Jr. for the District of Columbia. “The defendants in these cases have been hacking for the Chinese government for years, and these indictments lay out the strong evidence showing their criminal wrongdoing. We again demand that the Chinese government to put a stop to these brazen cyber criminals who are targeting victims across the globe and then monetizing the data they have stolen by selling it across China.”

The APT27 group to which Yin and Zhou belong is also known to private sector security researchers as “Threat Group 3390,” “Bronze Union,” “Emissary Panda,” “Lucky Mouse,” “Iron Tiger,” “UTA0178,” “UNC 5221,” and “Silk Typhoon.” As alleged in court documents, between August 2013 and December 2024, Yin, Zhou, and their co-conspirators exploited vulnerabilities in victim networks, conducted reconnaissance once inside those networks, and installed malware, such as PlugX malware, that provided persistent access. The defendants and their co-conspirators then identified and stole data from the compromised networks by exfiltrating it to servers under their control. Next, they brokered stolen data for sale and provided it to various customers, only some of whom had connections to the PRC government and military. For example, Zhou sold data stolen by Yin through i-Soon, whose primary customers, as noted above, were PRC government agencies, including the MSS and the MPS.

The defendants’ motivations were financial and, because they were profit-driven, they targeted broadly, rendering victim systems vulnerable well beyond their pilfering of data and other information that they could sell. Between them, Yin and Zhou sought to profit from the hacking of numerous U.S.-based technology companies, think tanks, law firms, defense contractors, local governments, health care systems, and universities, leaving behind them a wake of millions of dollars in damages.

The documents related to the seizure warrants, also unsealed today, further allege that Yin and Zhou continued to engage in hacking activity, including Yin’s involvement in the recently announced hack of Treasury between approximately September and December 2024. Virtual private servers used to conduct the Treasury intrusion belonged to, and were controlled by, an account that Yin and his co-conspirators established. Yin and his co-conspirators used that same account and other linked accounts they controlled to lease servers used for additional malicious cyber activity. The seizure warrant unsealed today allowed the FBI to seize the virtual private servers and other infrastructure used by the defendants to perpetrate these crimes.

On Jan. 17, Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against Yin for his role in hacking that agency between September and December 2024. Concurrent with today’s indictments, OFAC also announced sanctions on Zhou and Shanghai Heiying Information Technology Company Ltd., a company operated by Zhou for purposes of his hacking activity.

Private sector partners are also taking voluntary actions to raise awareness and strengthen defenses against the PRC’s malicious cyber activity. Today, Microsoft published research that highlights its unique, updated insights into Silk Typhoon tactics, techniques, and procedures specifically its targeting of the IT supply chain.

Assistant U.S. Attorneys Jack F. Korba and Tejpal S. Chawla for the District of Columbia and Trial Attorney Tanner Kroeger of the National Security Division’s National Security Cyber Section are prosecuting the case.

***

The above disruptive actions targeting PRC malicious cyber activities were the result of investigations conducted by FBI New York and Washington Field Offices, FBI Cyber Division, the Naval Criminal Investigative Service. The U.S. Attorney’s Offices for the Southern District of New York and District of Columbia and the National Security Division’s National Security Cyber Section are prosecuting the case.

The Department acknowledges the value of public-private partnerships in combating advanced cyber threats and recognizes Microsoft, Volexity, PwC, and Mandiant for their valuable assistance in these investigations.

The details in the above-described indictments and warrants are merely allegations. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

Former Alabama Police Officer Pleads Guilty to Federal Civil Rights Violation and Child Sexual Exploitation

Source: United States Department of Justice Criminal Division

A former Killen, Alabama, Police Department officer pleaded guilty yesterday for sexually assaulting a woman while on duty and for receiving sexually explicit photos of a minor.

As part of the plea agreement, Jarrod Gailen Webster admitted that, on Nov. 12, 2023, he violated the civil rights of a woman after initiating a traffic stop on the woman’s vehicle. Webster asked the woman to step out of her vehicle and he asked her what she wanted to do to “get out of this.” When the woman told Webster that she was not going to do anything for him, Webster handcuffed the woman and sexually assaulted her.

Further, Webster admitted that, between June 2016 and October 2018, he communicated with a minor by phone. Webster asked the minor to produce and send him sexually explicit images of herself. The minor victim sent multiple photos to Webster at his request, at least one of which constituted child sexual abuse material (CSAM).

“Jarrod Webster took an oath to protect and serve citizens of his community. He violated that oath when he sexually assaulted a woman and exploited a minor to produce and send sexually explicit images,” said U.S. Attorney Prim F. Escalona for the Northern District of Alabama. “We will continue to work with our law enforcement partners to ensure that those who violate positions of public trust are held accountable for their actions.”

“Police officers are given immense trust and responsibility to serve and protect, and are therefore held to a higher standard, so there are serious consequences when one tarnishes the badge by breaking the law,” said Special Agent in Charge Carlton Peeples of the FBI Birmingham Field Office. “Jarrod Gailen Webster disgraced the uniform when he abused his authority, his sentencing affirms that the FBI has zero tolerance for officials who prey on the citizens they have sworn to protect.”

Webster pleaded guilty to one count of deprivation of rights under color of law and one count of sexual exploitation of children. He is scheduled to be sentenced on May 20.

Webster faces a maximum penalty of life in prison, five years of supervised release, and a fine of up to $250,000 for the count of deprivation of rights under color of law. He faces a mandatory minimum penalty of 15 years and maximum penalty of 30 years in prison, supervised release for life, and a fine of up to $250,000 for the count of sexual exploitation of children. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

The FBI Birmingham Field Office investigated the case.

Assistant U.S. Attorney Michael Royster for the Northern District of Alabama and Senior Sex Crimes Counsel Maura White and Trial Attorney Sarah Howard of the Civil Rights Division’s Criminal Section are prosecuting the case. 

Florida Dentist Sentenced for Threatening Public Figures and an Election Official

Source: United States Department of Justice Criminal Division

A Florida dentist was sentenced yesterday to two years in prison for threatening public figures, an election official, and others between 2019 and 2024.

According to court documents, from September 2019 to July 2020, Richard Glenn Kantwill, 61, of Tampa, sent over 100 threats via Facebook and Instagram messages, email, and text to various public figures based on their political commentary. As charged in the superseding information, those communications included threats to an author, a religious figure, and a television personality. Kantwill also sent at least seven additional threats to four public figures via Facebook from April 2022 to April 2024, including a threat to an election official in another state in February 2024.

Kantwill pleaded guilty in November 2024 to four counts of interstate transmission of a threat.

Supervisory Official Antoinette T. Bacon of the Justice Department’s Criminal Division, Acting U.S. Attorney Sara C. Sweeney for the Middle District of Florida, and Special Agent in Charge Matthew Fodor of the FBI Tampa Field Office made the announcement.

The FBI investigated the case.

Trial Attorney Aaron L. Jennen of the Criminal Division’s Public Integrity Section and Assistant U.S. Attorney Abigail K. King for the Middle District of Florida prosecuted the case, with assistance from the U.S. Attorney’s Office for the District of Colorado.