Cybercriminals breach Aflac as part of hacking spree against US insurance industry


Cybercriminals have breached insurance giant Aflac, potentially stealing Social Security numbers, insurance claims and health information, the company said Friday, the latest in a spree of hacks against the insurance industry.

With billions of dollars in annual revenue and tens of millions of customers, Aflac is the biggest victim yet in the ongoing digital assault on US insurance companies that has the industry on edge and the FBI and private cyber experts scrambling to contain the fallout. Erie Insurance and Philadelphia Insurance Companies have also reported hacks this month, which in those cases have caused widespread disruptions to IT systems used to serve customers. All three insurance-company hacks are consistent with the techniques of a young and rampant cybercrime group known as Scattered Spider, people familiar the investigation tell CNN.

Read more…
Source: CNN News


Sign up for our Newsletter
The latest news and insights delivered right to your inbox.


Related:

  • China’s three reports on Volt Typhoon prove US’ cyberattacks detectable: experts

    October 18, 2024

    China’s three reports on Volt Typhoon revealed the truth behind the systematic cyberattack activities of the US and demonstrated that such operations of the US are detectable, experts said. China’s National Computer Virus Emergency Response Center (CVERC) on Monday released its latest report on Volt Typhoon, a hacker team Five Eyes nations and Microsoft have accused ...

  • Finland’s NBI probes wave of bank cyber attacks

    October 18, 2024

    Finland’s National Bureau of Investigation has opened a preliminary probe on a series of cyber attacks on the country’s financial sector. Finnish banks have been targeted in cyber attacks in recent months. In particular, Nordea Bank has been hit by several distributed denial of service (DDoS) attacks throughout the autumn. The bank has faced recurring problems ...

  • Analysis of the Crypt Ghouls group: continuing the investigation into a series of attacks on Russia

    October 18, 2024

    Last December, Kaspersky researchers discovered a new group targeting Russian businesses and government agencies with ransomware. Further investigation into this group’s activity suggests a connection to other groups currently targeting Russia. Kaspersky researchers have seen overlaps not only in indicators of compromise and tools, but also tactics, techniques, and procedures (TTPs). Moreover, the infrastructure partially overlaps ...

  • How Low Can You Go? An Analysis of 2023 Time-to-Exploit Trends

    October 15, 2024

    Mandiant analyzed 138 vulnerabilities that were disclosed in 2023 and that we tracked as exploited in the wild. Consistent with past analyses, the majority (97) of these vulnerabilities were exploited as zero-days (vulnerabilities exploited before patches are made available, excluding end-of-life technologies). Forty-one vulnerabilities were exploited as n-days (vulnerabilities first exploited after patches are available). While ...

  • Microsoft Digital Defense Report 2024: Microsoft customers face more than 600 million cybercriminal and nation-state attacks every day

    October 15, 2024

    In the last year, the cyber threat landscape continued to become more dangerous and complex. The malign actors of the world are becoming better resourced and better prepared, with increasingly sophisticated tactics, techniques, and tools that challenge even the world’s best cybersecurity defenders. Even Microsoft has been the victim of well-orchestrated attacks by determined and well-resourced ...

  • China again claims Volt Typhoon cyber-attack crew was invented by the US to discredit it

    October 15, 2024

    Chinese authorities have published another set of allegations that assert the Volt Typhoon cyber-crew is an invention of the US and its allies, and not a crew run by Beijing. Published on Monday in five languages, a document titled “Lie to Me: Volt Typhoon III – Unravelling Cyberespionage and Disinformation Operations Conducted by US Government Agencies” ...