Cybercriminals have breached insurance giant Aflac, potentially stealing Social Security numbers, insurance claims and health information, the company said Friday, the latest in a spree of hacks against the insurance industry.
With billions of dollars in annual revenue and tens of millions of customers, Aflac is the biggest victim yet in the ongoing digital assault on US insurance companies that has the industry on edge and the FBI and private cyber experts scrambling to contain the fallout. Erie Insurance and Philadelphia Insurance Companies have also reported hacks this month, which in those cases have caused widespread disruptions to IT systems used to serve customers. All three insurance-company hacks are consistent with the techniques of a young and rampant cybercrime group known as Scattered Spider, people familiar the investigation tell CNN.
Read more…
Source: CNN News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- BlueNoroff introduces new methods bypassing MoTW
December 27, 2022
BlueNoroff group is a financially motivated threat actor eager to profit from its cyberattack capabilities. Kaspersky researchers have published technical details of how this notorious group steals cryptocurrency before. Kaspersky continue to track the group’s activities and this October they observed the adoption of new malware strains in its arsenal. The group usually takes advantage ...
- Hackers stole data from multiple electric utilities in recent ransomware attack
December 27, 2022
Hackers stole data belonging to multiple electric utilities in an October ransomware attack on a US government contractor that handles critical infrastructure projects across the country, according to a memo describing the hack obtained by CNN. Federal officials have closely monitored the incident for any potential broader impact on the US power sector while private investigators ...
- Louisiana: Lake Charles Memorial Health has possible cybersecurity incident
December 26, 2022
Some Lake Charles health care system patients may have had their information involved in a cybersecurity incident. The Lake Charles Memorial Health System on Friday mailed letters to some of its “patients whose information may have been involved in a recent cybersecurity incident,” according to a news release from the company. On Oct. 21, the system’s information ...
- Hacker claims to be selling Twitter data of 400 million users
December 26, 2022
A threat actor claims to be selling public and private data of 400 million Twitter users scraped in 2021 using a now-fixed API vulnerability. They’re asking $200,000 for an exclusive sale. The alleged data dump is being sold by a threat actor named ‘Ryushi’ on the Breached hacking forum, a site commonly used to sell user ...
- IcedID Botnet Distributors Abuse Google PPC to Distribute Malware
December 23, 2022
After closely tracking the activities of the IcedID botnet, Trend Micro researchers have discovered some significant changes in its distribution methods. Since December 2022, Trend Micro observed the abuse of Google pay per click (PPC) ads to distribute IcedID via malvertising attacks. This IcedID variant is detected by Trend Micro as TrojanSpy.Win64.ICEDID.SMYXCLGZ. Advertising platforms like Google ...
- LastPass admits attackers have a copy of customers’ password vaults
December 23, 2022
Password locker LastPass has warned customers that the August 2022 attack on its systems saw unknown parties copy encrypted files that contains the passwords to their accounts. In a December 22nd update to its advice about the incident, LastPass brings customers up to date by explaining that the August 2022 attack saw “some source code and ...