Cybercriminals have breached insurance giant Aflac, potentially stealing Social Security numbers, insurance claims and health information, the company said Friday, the latest in a spree of hacks against the insurance industry.
With billions of dollars in annual revenue and tens of millions of customers, Aflac is the biggest victim yet in the ongoing digital assault on US insurance companies that has the industry on edge and the FBI and private cyber experts scrambling to contain the fallout. Erie Insurance and Philadelphia Insurance Companies have also reported hacks this month, which in those cases have caused widespread disruptions to IT systems used to serve customers. All three insurance-company hacks are consistent with the techniques of a young and rampant cybercrime group known as Scattered Spider, people familiar the investigation tell CNN.
Read more…
Source: CNN News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Cisco confirms Yanluowang ransomware leaked stolen company data
September 12, 2022
Cisco has confirmed that the data leaked yesterday by the Yanluowang ransomware gang was stolen from the company network during a cyberattack in May. However, the company says in an update that the leak does not change the initial assessment that the incident has no impact on the business: Read more… Source: Bleeping Computer
- Shape-shifting cryptominer savaging Linux endpoints and IoT
September 10, 2022
AT&T cybersecurity researchers have discovered a sneaky piece of malware targeting Linux endpoints and IoT devices in the hopes of gaining persistent access and turning victims into crypto-mining drones. The malware was dubbed “Shikitega” for its extensive use of the popular Shikata Ga Nai polymorphic encoder, which allows the malware to “mutate” its code to avoid ...
- Ransomware gangs switching to new intermittent encryption tactic
September 10, 2022
A growing number of ransomware groups are adopting a new tactic that helps them encrypt their victims’ systems faster while reducing the chances of being detected and stopped. This tactic is called intermittent encryption, and it consists of encrypting only parts of the targeted files’ content, which would still render the data unrecoverable without using a ...
- Russia’s Sovereign Internet Creates Security Risks With Implications for Cyber (Re)Insurance While War in Ukraine Develops
September 10, 2022
A sovereign Russian internet could lead to cyber criminal safe havens, greater confidence that large-scale attacks can be carried out without consequences, and intelligence blindspots, according to a new report published today by cyber risk analytics expert CyberCube. The research “Ukraine Cyber War Update: Spotlight on activity six months later” examines the dramatic rise in the ...
- Threat landscape for industrial automation systems for H1 2022
September 8, 2022
For the first time in five years of observations, the lowest percentage in the first half of the year was observed in March. During the period from January to March, the percentage of attacked ICS computers decreased by 1.7 p.p. Among regions, the highest percentage of ICS computers on which malicious objects were blocked was observed ...
- Criminals exploiting cost of living crisis with energy rebate scam emails
September 7, 2022
Criminals are cashing in on the energy crisis by offering bogus rebates to try and trick victims into handing over bank account details. Police say in the past fortnight they’ve had nearly 1,600 reports of suspicious emails with links to malicious websites designed to steal personal and financial information. The scam emails pretend to be from the ...