Cybercriminals have breached insurance giant Aflac, potentially stealing Social Security numbers, insurance claims and health information, the company said Friday, the latest in a spree of hacks against the insurance industry.
With billions of dollars in annual revenue and tens of millions of customers, Aflac is the biggest victim yet in the ongoing digital assault on US insurance companies that has the industry on edge and the FBI and private cyber experts scrambling to contain the fallout. Erie Insurance and Philadelphia Insurance Companies have also reported hacks this month, which in those cases have caused widespread disruptions to IT systems used to serve customers. All three insurance-company hacks are consistent with the techniques of a young and rampant cybercrime group known as Scattered Spider, people familiar the investigation tell CNN.
Read more…
Source: CNN News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- From cause to cash: a cross-border look at hacktivist activity
June 8, 2026
While tracking the activities of 4BID Kaspersky researchers uncovered a new string of campaigns that appear to be the work of several interconnected actors. While politically motivated groups generally limit their scope to specific nations – for 4BID and its peers, primarily Russian and occasionally Belarusian organizations – the latest findings reveal a shift. The actual ...
- Seeking Counsel: Ongoing Targeted Campaign Against US Law Firms
June 5, 2026
From January through May 2026, Mandiant identified a financially motivated data theft extortion campaign executed by the threat cluster UNC3753 (also tracked as “Luna Moth,” “Chatty Spider,” and “Silent Ransom Group”) targeting dozens of organizations across professional, legal, and financial services in the United States. UNC3753 leverages voice phishing (vishing) and social engineering deception techniques to ...
- Meta, Starlink and Microsoft team up with the FBI to delete over 1.4 million accounts and seize millions in cryptocurrency related to huge scam networks targeting Americans
June 4, 2026
Dozens of people have been arrested, and millions of dollars in cryptocurrency seized, in a large-scale, multi-national operation against internet scammers and fraudsters. On May 18, the US Department of Justice, the FBI, Secret Service, law enforcement agencies in the UK, Australia, Canada, New Zealand, and Thailand, as well as multiple commercial businesses such as Meta, ...
- You do surprise me.exe: An unexpected executable in Hola Browser
June 4, 2026
During review work related to an AppEsteem Windows Certified Application test, Sophos X-Ops recently identified an unexpected executable delivered alongside Hola Browser (version 1.251.91.0). The executable, me.exe, was not listed as a certified component, and appears to be a crypto-miner. After the issue was reported through the certification program, Hola reported that they had fixed their delivery pipeline, removing the condition that ...
- Error 524 Decoy: Unmasking a Global Smishing Operation Hiding Behind Error Pages
June 3, 2026
Group-IB researchers expose a large-scale smishing and phishing operation impersonating 260+ brands across 72 countries, using fake Cloudflare error pages, geofencing, and encrypted WebSocket channels for real-time credit card theft. The operation has a layered anti-analysis evasion architecture, which uses convincing fake Cloudflare error pages, like the “Error 524” timeout screen, as a decoy. The malicious ...
- Ransomware groups grow revenue by almost 40% in Q1 2026
June 2, 2026
In the first quarter of the year, ransomware groups increased their revenue by almost 40%, compared to the same period last year. This is according to a new report from cybersecurity researchers Rapid7, who said the increase is partly due to a maturing cybercriminal industry. Rapid7 based its findings on its research telemetry, which showed that ...

