Cybercriminals have breached insurance giant Aflac, potentially stealing Social Security numbers, insurance claims and health information, the company said Friday, the latest in a spree of hacks against the insurance industry.
With billions of dollars in annual revenue and tens of millions of customers, Aflac is the biggest victim yet in the ongoing digital assault on US insurance companies that has the industry on edge and the FBI and private cyber experts scrambling to contain the fallout. Erie Insurance and Philadelphia Insurance Companies have also reported hacks this month, which in those cases have caused widespread disruptions to IT systems used to serve customers. All three insurance-company hacks are consistent with the techniques of a young and rampant cybercrime group known as Scattered Spider, people familiar the investigation tell CNN.
Read more…
Source: CNN News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Malicious Code Bombs Target Amazon, Lyft, Slack, Zillow
March 3, 2021
Researchers have spotted malicious packages targeting internal applications for Amazon, Lyft, Slack and Zillow (among others) inside the npm public code repository — all of which exfiltrate sensitive information. The packages weaponize a proof-of-concept (PoC) code dependency-confusion exploit that was recently devised by security researcher Alex Birsan to inject rogue code into developer projects. Internal developer projects ...
- Ursnif Trojan has targeted over 100 Italian banks
March 3, 2021
The Ursnif Trojan has been traced back to attacks against at least 100 banks in Italy. According to Avast, the malware’s operators have a keen interest in Italian targets and attacks against these banking institutions have led to the loss of credentials and financial data. The cybersecurity firm said on Tuesday that at least 100 banks have ...
- Compromised Website Images Camouflage ObliqueRAT Malware
March 2, 2021
The ObliqueRAT malware is now cloaking its payloads as seemingly-innocent image files that are hidden on compromised websites. The remote access trojan (RAT), which has been operating since 2019, spreads via emails, which have malicious Microsoft Office documents attached. Previously, payloads were embedded into the documents themselves. Now, if users click on the attachment, they’re redirected ...
- Ryuk Ransomware: Now with Worming Self-Propagation
March 2, 2021
A new version of the Ryuk ransomware is capable of worm-like self-propagation within a local network, researchers have found. The variant first emerged in Windows-focused campaigns earlier in 2021, according to the French National Agency for the Security of Information Systems (ANSSI). The agency said that it achieves self-replication by scanning for network shares, and then ...
- Fast Flux 101: How Cybercriminals Improve the Resilience of Their Infrastructure to Evade Detection and Law Enforcement Takedowns
March 2, 2021
Fast flux is a technique used by cybercriminals to increase their infrastructure’s resilience by making law enforcement takedown of their servers and blocklisting of their IP addresses harder. It is critical for these cybercriminals to maintain their networks’ uptime to avoid losses to their revenue streams, including phishing and scam campaigns, botnet rental and illegal ...
- Emotet One Month After the Takedown
March 2, 2021
2021 got off to a fantastic start for the cybersecurity community with the news that the infamous botnet Emotet had been brought down in a coordinated global operation, “Operation Ladybird.” As the first security vendor to detect and profile the Trojan all the way back in 2014, we’re particularly delighted to be seeing the back of ...