Cybercriminals breach Aflac as part of hacking spree against US insurance industry


Cybercriminals have breached insurance giant Aflac, potentially stealing Social Security numbers, insurance claims and health information, the company said Friday, the latest in a spree of hacks against the insurance industry.

With billions of dollars in annual revenue and tens of millions of customers, Aflac is the biggest victim yet in the ongoing digital assault on US insurance companies that has the industry on edge and the FBI and private cyber experts scrambling to contain the fallout. Erie Insurance and Philadelphia Insurance Companies have also reported hacks this month, which in those cases have caused widespread disruptions to IT systems used to serve customers. All three insurance-company hacks are consistent with the techniques of a young and rampant cybercrime group known as Scattered Spider, people familiar the investigation tell CNN.

Read more…
Source: CNN News


Sign up for our Newsletter
The latest news and insights delivered right to your inbox.


Related:

  • Russian government hackers said to be behind US federal court filing system hack

    August 12, 2025

    The Russian government is allegedly behind the data breach affecting the U.S. court filing system known as PACER, according to The New York Times. Citing anonymous sources, the newspaper said Russia “is at least in part responsible” for the cyberattack, without saying what part of the Russian government is behind the hack. The hackers searched for ...

  • U.S. Department of Justice Announces Coordinated Disruption Actions Against BlackSuit (Royal) Ransomware Operations

    August 11, 2025

    Law Enforcement Seizes Servers, Domains, and Approximately $1 Million In Laundered Proceeds Owned By BlackSuit (Royal) Ransomware The Justice Department announced today coordinated actions against the BlackSuit (Royal) Ransomware group which included the takedown of four servers and nine domains on July 24, 2025. The takedown was conducted by the Department of Homeland Security’s Homeland Security ...

  • WestJet says some passengers’ personal information stolen in cyberattack

    August 11, 2025

    WestJet says some personal data including information about travel documents such as passports was stolen in a cyberattack earlier this year, but credit and debit card numbers as well as user passwords were not compromised. In a note to customers, WestJet says the personal information taken varies from person to person but may include name, date ...

  • From ClickFix to Command: A Full PowerShell Attack Chain

    August 11, 2025

    The FortiMail Workspace Security team recently identified a targeted intrusion campaign impacting multiple Israeli organizations. The adversary leveraged compromised internal email infrastructure to distribute phishing messages across the regional business landscape. These emails initiated a multi-stage, PowerShell-based infection chain that culminated in the delivery of a remote access trojan (RAT), executed entirely through PowerShell. Read more… Source:  Fortinet Sign ...

  • University of Western Australia suffers major data breach, staff and students locked out

    August 11, 2025

    One of Australia’s major universities has suffered a data breach, with the password information of thousands of staff and students exposed. The University of WA (UWA) confirmed it was investigating a cybersecurity incident on Saturday night, which involved unauthorised access of password information. Read more… Source:  MSN Ness Sign up for the Cyber Security Review Newsletter The latest cyber security ...

  • Massive leak of over 115 million US payment cards caused by Chinese “smishing” hackers

    August 10, 2025

    A wave of advanced phishing campaigns, traced to Chinese-speaking cybercriminal syndicates, may have compromised up to 115 million US payment cards in just over a year, experts have warned. Researchers at SecAlliance revealed these operations represent a growing convergence of social engineering, real-time authentication bypasses, and phishing infrastructure designed to scale. Investigators have identified a figure ...