Cybercriminals have breached insurance giant Aflac, potentially stealing Social Security numbers, insurance claims and health information, the company said Friday, the latest in a spree of hacks against the insurance industry.
With billions of dollars in annual revenue and tens of millions of customers, Aflac is the biggest victim yet in the ongoing digital assault on US insurance companies that has the industry on edge and the FBI and private cyber experts scrambling to contain the fallout. Erie Insurance and Philadelphia Insurance Companies have also reported hacks this month, which in those cases have caused widespread disruptions to IT systems used to serve customers. All three insurance-company hacks are consistent with the techniques of a young and rampant cybercrime group known as Scattered Spider, people familiar the investigation tell CNN.
Read more…
Source: CNN News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- 23andMe blames “negligent” breach victims, says it’s their own fault
January 4, 2024
In a surprising move, in a letter to legal representatives of victims of the recent 23andMe data breach, the company has laid the blame at the feet of victims themselves. 23andMe even goes as far as to claim that this wasn’t a data breach at 23andMe at all. The reasoning: “… unauthorized actors managed to access ...
- Three New Malicious PyPI Packages Deploy CoinMiner on Linux Devices
January 3, 2024
On December 5th, 2023, FortiGuard’s AI-driven OSS malware detection system identified three intriguing PyPI (Python Package Index) packages. These packages, upon initial use, deploy a CoinMiner executable on Linux devices. Leveraging our historical malware database, Fortinet researchers noted that the indicators of compromise (IoCs) for these packages bear a resemblance to the “culturestreak” PyPI package discovered ...
- Orange suffers cyber attack affecting clients’ internet access in Spain
January 3, 2024
The Spanish unit of telecoms provider Orange on Wednesday suffered a cyber attack that affected an undisclosed number of clients who could not access certain websites, a company spokesperson said. The unauthorized access to Orange’s IP network coordination centre has been mostly solved and was neutralized by Orange, the second largest telecoms provider in Spain, the ...
- US insurance giant First American confirms it was hit by a ransomware attack
January 3, 2024
First American, one of the largest insurance companies in the United States, has confirmed the cyber-incident it suffered in late December 2023 was indeed a ransomware attack. The company filed an updated 8-K form with the Securities and Exchange Commission (SEC) on Friday, December 29, 2023. In the filing, the insurance behemoth confirmed suffering a ransomware ...
- Oops! Black Basta ransomware flubs encryption
January 2, 2024
Researchers at SRLabs have made a decryption tool available for Black Basta ransomware, allowing some victims of the group to decrypt files without paying a ransom. The decryptor works for victims whose files were encrypted between November 2022 and December 2023. The decryptor, called Black Basta Buster, exploits a flaw in the encryption algorithm used in ...
- Australia: Cyber attack on Victoria’s court system may have exposed recordings of sensitive cases
January 1, 2024
Victoria’s court system has been hit by a ransomware attack, which an independent expert believes was orchestrated by Russian hackers. A spokesperson for Court Services Victoria (CSV) said hackers accessed an area of the court system’s audio-visual archive. That would mean recordings of hearings including witness testimony from highly sensitive cases may have been accessed or ...