Cybercriminals have breached insurance giant Aflac, potentially stealing Social Security numbers, insurance claims and health information, the company said Friday, the latest in a spree of hacks against the insurance industry.
With billions of dollars in annual revenue and tens of millions of customers, Aflac is the biggest victim yet in the ongoing digital assault on US insurance companies that has the industry on edge and the FBI and private cyber experts scrambling to contain the fallout. Erie Insurance and Philadelphia Insurance Companies have also reported hacks this month, which in those cases have caused widespread disruptions to IT systems used to serve customers. All three insurance-company hacks are consistent with the techniques of a young and rampant cybercrime group known as Scattered Spider, people familiar the investigation tell CNN.
Read more…
Source: CNN News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Countering threats from North Korea
March 24, 2022
On February 10, Threat Analysis Group discovered two distinct North Korean government-backed attacker groups exploiting a remote code execution vulnerability in Chrome, CVE-2022-0609. These groups’ activity has been publicly tracked as Operation Dream Job and Operation AppleJeus. We observed the campaigns targeting U.S. based organizations spanning news media, IT, cryptocurrency and fintech industries. However, other organizations ...
- Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal
March 24, 2022
A 16-year-old from Oxford has been accused of being one of the leaders of cyber-crime gang Lapsus$. The teenager, who is alleged to have amassed a $14m (£10.6m) fortune from hacking, has been named by rival hackers and researchers. City of London Police say they have arrested seven teenagers in relation to the gang but will not ...
- Lockbit wins ransomware speed test, encrypts 25,000 files per minute
March 23, 2022
Ransomware moves more quickly than most organizations can respond. Though knowing they have a specific limited window should help inform where to put their defenses, according to security data shop Splunk. The vendor’s research team Surge today published research on how long it takes 10 of the big ransomware families including Lockbit, Conti, and REvil to ...
- Italy’s state railway may have been target of cyber attack
March 23, 2022
Italian railway company Ferrovie dello Stato Italiane (FS) said on Wednesday it had temporarily halted some ticket sale services as it feared they had been targeted by a cyber attack. “Since this morning, elements that could be linked to a cryptolocker infection have been detected on the computer network of Trenitalia and RFI,” the company said ...
- Microsoft confirms it was breached by hacker group
March 23, 2022
Microsoft has confirmed it was breached by the hacker group Lapsus$, adding to the cyber gang’s growing list of victims. In a blog post late Tuesday, Microsoft said Lapsus$ had compromised one of its accounts, resulting in “limited access” to company systems but not the data of any Microsoft customers.” Our cybersecurity response teams quickly engaged to ...
- Corrupted open-source software enters the Russian battlefield
March 22, 2022
It started as an innocent protest. Npm, JavaScript’s package manager maintainer RIAEvangelist, Brandon Nozaki Miller, wrote and published an open-code npm source-code package called peacenotwar. It did little except add a protest message against Russia’s invasion of Ukraine. But then, it took a darker turn: It began destroying computers’ file systems. To be exact, Miller added ...