Cybercriminals have breached insurance giant Aflac, potentially stealing Social Security numbers, insurance claims and health information, the company said Friday, the latest in a spree of hacks against the insurance industry.
With billions of dollars in annual revenue and tens of millions of customers, Aflac is the biggest victim yet in the ongoing digital assault on US insurance companies that has the industry on edge and the FBI and private cyber experts scrambling to contain the fallout. Erie Insurance and Philadelphia Insurance Companies have also reported hacks this month, which in those cases have caused widespread disruptions to IT systems used to serve customers. All three insurance-company hacks are consistent with the techniques of a young and rampant cybercrime group known as Scattered Spider, people familiar the investigation tell CNN.
Read more…
Source: CNN News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- “.Zip” top-level domains draw potential for information leaks
June 13, 2023
As a result of Google’s announced sale of new TLDs that are also popular file extension formats, there is an increased risk with the deployment of the “.zip” domain that threat actors will develop new vectors for compromising victims. In early May 2023, Google released eight new TLDs, marketing the “.zip” domain as a way ...
- Two Prudential companies in Malaysia affected by MOVEit data-theft attack
June 13, 2023
Prudential Assurance Malaysia Bhd (PAMB) and Prudential BSN Takaful Bhd (PruBSN) have confirmed that they have been affected by the global MOVEit data-theft attack, “where a zero-day vulnerability was exploited.” The two insurance companies said that as soon as they became aware of the breach, “we took action to isolate the affected server while the incident ...
- MOVEit Vulnerabilities: What You Need to Know
June 12, 2023
Extortion actors have been actively exploiting a recently patched vulnerability in MOVEit Transfer, a file-transfer application that is widely used to transmit information between organizations. The nature of the software affected means that attackers can exploit unpatched systems to mount a supply chain attack against multiple organizations. While the original vulnerability (CVE-2023-34362) was patched on May ...
- UK media watchdog Ofcom data downloaded in cyber-attack
June 12, 2023
Media watchdog Ofcom has confirmed that it is a victim of a cyber-attack by hackers linked to a notorious Russian ransomware group. Confidential data about some companies regulated by Ofcom, and personal information from 412 employees was downloaded during the mass hack. A number of firms, including British Airways, the BBC and Boots, have been affected ...
- Sneaky DoubleFinger loads GreetingGhoul targeting your cryptocurrency
June 12, 2023
Stealing cryptocurrencies is nothing new. For example, the Mt. Gox exchange was robbed of many bitcoins back in the beginning of 2010s. Attackers such as those behind the Coinvault ransomware were after your Bitcoin wallets, too. Since then, stealing cryptocurrencies has continued to occupy cybercriminals. One of the latest additions to this phenomenon is the multi-stage ...
- Ireland: Fresh cyber attack impacts HSE
June 9, 2023
The Health Service Executive (HSE) has been impacted by a fresh cyber attack. Work is ongoing to determine the impact on HSE data following the attack which has been as criminal in nature and international in scale. But no patient data is believed to have been accessed at this stage. Read more… Source: The Irish News