Cybercriminals breach Aflac as part of hacking spree against US insurance industry


Cybercriminals have breached insurance giant Aflac, potentially stealing Social Security numbers, insurance claims and health information, the company said Friday, the latest in a spree of hacks against the insurance industry.

With billions of dollars in annual revenue and tens of millions of customers, Aflac is the biggest victim yet in the ongoing digital assault on US insurance companies that has the industry on edge and the FBI and private cyber experts scrambling to contain the fallout. Erie Insurance and Philadelphia Insurance Companies have also reported hacks this month, which in those cases have caused widespread disruptions to IT systems used to serve customers. All three insurance-company hacks are consistent with the techniques of a young and rampant cybercrime group known as Scattered Spider, people familiar the investigation tell CNN.

Read more…
Source: CNN News


Sign up for our Newsletter
The latest news and insights delivered right to your inbox.


Related:

  • DocGo patient health data stolen in cyberattack

    May 9, 2024

    Medical health care provider DocGo has disclosed in a form 8-K that it experienced a cybersecurity incident involving some of the company’s systems. As part of the investigation of the incident, the company says it has determined that the attacker accessed and acquired data, including certain protected health information. DocGo is a healthcare provider that offers ...

  • Ascension Health Becomes Latest Cyberattack Victim in Healthcare, Investigations Underway

    May 9, 2024

    Ascension Health has disclosed that after detecting “unusual activity,” that affected its clinical operations, the company contacted Mandiant, a cybersecurity firm, to investigate the cyberattack. According to Ascension Health’s official statement, the organization has processes in place to guarantee that patient care delivery remains safe and is affected as little as possible, and care staff are ...

  • Unmasking Tycoon 2FA: A Stealthy Phishing Kit Used to Bypass Microsoft 365 and Google MFA

    May 9, 2024

    Tycoon 2FA is a phishing-as-a-service (PhaaS) platform that was first seen in August 2023. Like many phish kits, it bypasses multifactor authentication (MFA) protections and poses a significant threat to users. Lately, Tycoon 2FA has been grabbing headlines because of its role in ongoing campaigns designed to target Microsoft 365 and Gmail accounts. Read more… Source: Proofpoint Sign up ...

  • U.S. Patent Office data leak exposes private addresses

    May 9, 2024

    USPTO has acknowledged yet another incident in which the filers’ address data was leaked. Following a second data breach within two years, the federal agency responsible for patent and trademark grants notified thousands of filers whose private addresses were exposed. As a result, the USPTO is now reaching out to thousands of affected filers to inform ...

  • Washington Takes Its Cyber Strategy Global

    May 8, 2024

    The United States has spent two years supporting Ukraine in one ground war and seven months backing Israel in another, and it continues to prepare for the possibility of a third in Taiwan. But arguably its most persistent focus has been on a far longer-running, more perennial, borderless battle over cyberspace and the future of technology. ...

  • European Parliament election prep unearthed data breach

    May 8, 2024

    The breach, dating back to early 2024, was uncovered two weeks ago as the European Parliament intensified efforts to reinforce its cybersecurity in preparation for the upcoming European elections in June, a press officer from the European Parliament told Euronews. The compromised application which has now been taken offline is called ‘PEOPLE’, and collated sensitive information ...