Cybercriminals have breached insurance giant Aflac, potentially stealing Social Security numbers, insurance claims and health information, the company said Friday, the latest in a spree of hacks against the insurance industry.
With billions of dollars in annual revenue and tens of millions of customers, Aflac is the biggest victim yet in the ongoing digital assault on US insurance companies that has the industry on edge and the FBI and private cyber experts scrambling to contain the fallout. Erie Insurance and Philadelphia Insurance Companies have also reported hacks this month, which in those cases have caused widespread disruptions to IT systems used to serve customers. All three insurance-company hacks are consistent with the techniques of a young and rampant cybercrime group known as Scattered Spider, people familiar the investigation tell CNN.
Read more…
Source: CNN News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Group of unskilled Iranian hackers behind recent attacks with Dharma ransomware
August 24, 2020
Cyber-security firm Group-IB says it identified a group of low-skilled hackers operating out of Iran that has been launching attacks against companies in Asia and attempting to encrypt their networks with a version of the Dharma ransomware. The attacks have targeted companies located in Russia, Japan, China, and India, according to a report Group-IB researchers published ...
- Lifting the veil on DeathStalker, a mercenary triumvirate
August 24, 2020
State-sponsored threat actors and sophisticated attacks are often in the spotlight. Indeed, their innovative techniques, advanced malware platforms and 0-day exploit chains capture our collective imagination. Yet these groups still aren’t likely to be a part of the risk model at most companies, nor should they be. Businesses today are faced with an array of much ...
- FBI and CISA warn of major wave of vishing attacks targeting teleworkers
August 22, 2020
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint security advisory on Thursday, warning about an ongoing wave of vishing attacks targeting the US private sector. Vishing, or voice phishing, is a form of social engineering where criminals call victims to obtain desired information, usually posing as ...
- DarkSide: New targeted ransomware demands million dollar ransoms
August 21, 2020
A new ransomware operation named DarkSide began attacking organizations earlier this month with customized attacks that have already earned them million-dollar payouts. Starting around August 10th, 2020, the new ransomware operation began performing targeted attacks against numerous companies. In a “press release” issued by the threat actors, they claim to be former affiliates who had made millions ...
- WannaRen ransomware author contacts security firm to share decryption key
August 19, 2020
A major ransomware outbreak hit Chinese internet users earlier this year in April. For about a week, a ransomware strain known as WannaRen made tens of thousands of victims among both home consumers and local Chinese and Taiwanese companies. Looking back, in retrospect, four months later, WannaRen’s virality can be explained due to the fact that ...
- Experian South Africa discloses data breach impacting 24 million customers
August 19, 2020
The South African branch of consumer credit reporting agency Experian disclosed a data breach on Wednesday. The credit agency admitted to handing over the personal details of its South African customers to a fraudster posing as a client. While Experian did not disclose the number of impacted users, a report from South African Banking Risk Centre (SABRIC), ...