Cybercriminals breach Aflac as part of hacking spree against US insurance industry


Cybercriminals have breached insurance giant Aflac, potentially stealing Social Security numbers, insurance claims and health information, the company said Friday, the latest in a spree of hacks against the insurance industry.

With billions of dollars in annual revenue and tens of millions of customers, Aflac is the biggest victim yet in the ongoing digital assault on US insurance companies that has the industry on edge and the FBI and private cyber experts scrambling to contain the fallout. Erie Insurance and Philadelphia Insurance Companies have also reported hacks this month, which in those cases have caused widespread disruptions to IT systems used to serve customers. All three insurance-company hacks are consistent with the techniques of a young and rampant cybercrime group known as Scattered Spider, people familiar the investigation tell CNN.

Read more…
Source: CNN News


Sign up for our Newsletter
The latest news and insights delivered right to your inbox.


Related:

  • Alleged breached data of Airport and Aviation Services Sri Lanka surfaces online

    July 10, 2024

    A recent post on the notorious cybercrime forum BreachForums claims that the Airport and Aviation Services Sri Lanka (AASL) has suffered a data breach. According to the post, the breached data contains approximately 7,083 records that include names, NICs, emails, passport numbers, and other sensitive data. Blurred screenshot of post alleging Airport and Aviation Services Sri ...

  • Reeling in DarkGate Malware Attacks from the Beach

    July 10, 2024

    Last year, the number of malware attacks worldwide reached 6.08 billion. That’s a 10% increase compared with 2022. Why are cybercriminals developing so much malware? Because it is a vital tool to help them infiltrate businesses, networks or specific computers to steal or destroy sensitive data. or destroy sensitive data. There are many types of malware ...

  • Cyber Crime Group Provides Ransomware Decryptor to Indonesian National Data Center

    July 9, 2024

    The cyber crime group that locked up an Indonesian national data center last month, impacting hundreds of government services, has opted to provide the ransomware decryptor for free. This was accompanied by an apology, but also a donation link exhorting the Indonesian government and public to show gratitude for their supposed generosity. “Brain Cipher” is a ...

  • Resurrecting Internet Explorer: Threat Actors Using Zero-Day Tricks In Internet Shortcut File To Lure Victims (CVE-2024-38112)

    July 9, 2024

    Check Point Research recently discovered that threat actors have been using novel (or previously unknown) tricks to lure Windows users for remote code execution. Specifically, the attackers used special Windows Internet Shortcut files (.url extension name), which, when clicked, would call the retired Internet Explorer (IE) to visit the attacker-controlled URL. An additional trick on IE ...

  • An In-Depth Look at Crypto-Crime in 2023 Part 1

    July 8, 2024

    Cryptocrime refers to any criminal activity involving the use of cryptocurrency. This can include theft, fraud, money laundering, and other illicit activities. Cryptocurrencies, such as Bitcoin and Ethereum, operate on decentralized networks and are not issued or controlled by any central authority. This makes them an attractive target for criminals due to their anonymity and lack ...

  • CloudSorcerer – A new APT targeting Russian government entities

    July 8, 2024

    In May 2024, Kaspersky researchers discovered a new advanced persistent threat (APT) targeting Russian government entities that we dubbed CloudSorcerer. It’s a sophisticated cyberespionage tool used for stealth monitoring, data collection, and exfiltration via Microsoft Graph, Yandex Cloud, and Dropbox cloud infrastructure. The malware leverages cloud resources as its command and control (C2) servers, accessing them ...