Cybercriminals breach Aflac as part of hacking spree against US insurance industry


Cybercriminals have breached insurance giant Aflac, potentially stealing Social Security numbers, insurance claims and health information, the company said Friday, the latest in a spree of hacks against the insurance industry.

With billions of dollars in annual revenue and tens of millions of customers, Aflac is the biggest victim yet in the ongoing digital assault on US insurance companies that has the industry on edge and the FBI and private cyber experts scrambling to contain the fallout. Erie Insurance and Philadelphia Insurance Companies have also reported hacks this month, which in those cases have caused widespread disruptions to IT systems used to serve customers. All three insurance-company hacks are consistent with the techniques of a young and rampant cybercrime group known as Scattered Spider, people familiar the investigation tell CNN.

Read more…
Source: CNN News


Sign up for our Newsletter
The latest news and insights delivered right to your inbox.


Related:

  • The Resurgence of IoT Malware: Inside the Mirai-Based Botnet Campaign

    August 22, 2025

    Over the past year, FortiGuard Labs has been tracking a stealthy malware strain exploiting a range of vulnerabilities to infiltrate systems. Initially disclosed by a Chinese cybersecurity firm under the name “Gayfemboy.” The malware resurfaced this past July with new activity, this time targeting vulnerabilities in products from vendors such as DrayTek, TP-Link, Raisecom, and Cisco, ...

  • Massive data breach sees 16 million PayPal accounts leaked online

    August 22, 2025

    Hackers recently announced on a well-known forum that they were selling a dataset of 15.8 million stolen PayPal credentials, allegedly including login emails and plaintext passwords. The cybercriminals claim the information was stolen in May 2025, and the dataset contains not just emails and passwords but also associated URLs, making it easier for criminals to automate ...

  • African authorities dismantle massive cybercrime and fraud networks, recover millions

    August 22, 2025

    LYON, France – In a sweeping INTERPOL-coordinated operation, authorities across Africa have arrested 1,209 cybercriminals targeting nearly 88,000 victims. The crackdown recovered USD 97.4 million and dismantled 11,432 malicious infrastructures, underscoring the global reach of cybercrime and the urgent need for cross-border cooperation. Operation Serengeti 2.0 (June to August 2025) brought together investigators from 18 African ...

  • All Apple users should update after company patches zero-day vulnerability in all platforms

    August 21, 2025

    Apple has released security updates for iPhones, iPads and Macs to fix a zero-day vulnerability (a vulnerability which Apple was previously unaware of) that is reportedly being used in targeted attacks. Apple has acknowledged reports that attackers may have already used this flaw in a highly sophisticated operation aimed at specific, high‑value targets. But history teaches ...

  • Ransomware attack at DaVita impacted 2.7 million people, US health dept website shows

    August 21, 2025

    A ransomware attack that encrypted certain elements of dialysis firm DaVita’s network impacted 2.7 million people, the U.S. health department’s website showed on Thursday. The firm had disclosed in April that it was hit by a cyberattack. At the time, it said it would continue to provide patient care as it took measures to restore certain ...

  • Orange Belgium informs its customers about a cyberattack

    August 20, 2025

    At the end of July, Orange Belgium detected a cyberattack on one of its IT systems, resulting in unauthorised access to certain data from 850,000 customer accounts. No critical data was compromised: no passwords, email addresses, bank or financial details were hacked. However, the hacker gained access to one of our IT systems containing the following ...