Cybercriminals breach Aflac as part of hacking spree against US insurance industry


Cybercriminals have breached insurance giant Aflac, potentially stealing Social Security numbers, insurance claims and health information, the company said Friday, the latest in a spree of hacks against the insurance industry.

With billions of dollars in annual revenue and tens of millions of customers, Aflac is the biggest victim yet in the ongoing digital assault on US insurance companies that has the industry on edge and the FBI and private cyber experts scrambling to contain the fallout. Erie Insurance and Philadelphia Insurance Companies have also reported hacks this month, which in those cases have caused widespread disruptions to IT systems used to serve customers. All three insurance-company hacks are consistent with the techniques of a young and rampant cybercrime group known as Scattered Spider, people familiar the investigation tell CNN.

Read more…
Source: CNN News


Sign up for our Newsletter
The latest news and insights delivered right to your inbox.


Related:

  • OneBlood hit by ransomware attack, tells hospitals to activate critical shortage alerts

    August 1, 2024

    Nonprofit medical organization OneBlood, which plays a crucial role in serving facilities across the Southeastern US, has been targeted in a ransomware attack which caused an IT systems outage, causingover 250 hospitals to activate critical blood shortage protocols. The move disrupted services across multiple US states, with the organization operating at a ‘significantly reduced capacity’ – ...

  • Malicious Packages Hidden in PyPI

    July 31, 2024

    The FortiGuard Labs team has identified a malicious PyPI package affecting all platforms where PyPI packages can be installed. This discovery poses a significant risk to individuals and institutions that have installed these packages, potentially leading to the leakage of credentials and sensitive information. Given the high severity of this threat, it is crucial to focus ...

  • Bloody Wolf strikes organizations in Kazakhstan with STRRAT commercial malware

    July 31, 2024

    Since late 2023, BI.ZONE Threat Intelligence experts have been tracking the activity of Bloody Wolf. The cluster attacks organizations in Kazakhstan with STRRAT, a commercial malware also known as Strigoi Master. The attackers send out phishing emails on behalf of the Ministry of Finance of the Republic of Kazakhstan and other agencies. The emails have PDF ...

  • Microsoft says cyber-attack triggered latest outage

    July 30, 2024

    A global outage affecting Microsoft products including email service Outlook and video game Minecraft has been resolved, the technology giant said in an update, external. The firm said preliminary investigations show the outage was caused by a cyber-attack and a failure to properly defend against it. Earlier, the company issued an apology for the incident, which ...

  • Threat actor impersonates Google via fake ad for Authenticator

    July 30, 2024

    Malwarebytes Labs researchers have previously reported on the brand impersonation issue with Google ads: users who search for popular keywords are shown malicious ads that purport to be from an official vendor. Not only does this trick innocent victims into downloading malware or losing their data to phishing sites, it also erodes trust in brands and ...

  • UK: Basic IT security failings left electoral register vulnerable

    July 30, 2024

    Basic IT security failings allowed Chinese state-linked hackers to access the election watchdog’s register containing the details of 40 million voters. The Information Commissioner’s Office (ICO) said the Electoral Commission had failed to keep its servers updated, allowing hackers to exploit the vulnerability. The National Cyber Security Centre (NCSC), part of GCHQ, has previously said it ...