Cybercriminals breach Aflac as part of hacking spree against US insurance industry


Cybercriminals have breached insurance giant Aflac, potentially stealing Social Security numbers, insurance claims and health information, the company said Friday, the latest in a spree of hacks against the insurance industry.

With billions of dollars in annual revenue and tens of millions of customers, Aflac is the biggest victim yet in the ongoing digital assault on US insurance companies that has the industry on edge and the FBI and private cyber experts scrambling to contain the fallout. Erie Insurance and Philadelphia Insurance Companies have also reported hacks this month, which in those cases have caused widespread disruptions to IT systems used to serve customers. All three insurance-company hacks are consistent with the techniques of a young and rampant cybercrime group known as Scattered Spider, people familiar the investigation tell CNN.

Read more…
Source: CNN News


Sign up for our Newsletter
The latest news and insights delivered right to your inbox.


Related:

  • NFC fraud threatens Philippines digital payments security

    July 8, 2025

    As contactless payments and digital wallets grow quickly in the Philippines, cyber-criminals are now targeting the country by abusing Near Field Communication (NFC) technologies. Resecurity, a global leader in cyber threat intelligence, issued a stark warning, urging Philippine regulators and financial institutions to heighten their defenses amid an alarming increase in NFC-enabled fraud, particularly from ...

  • Batavia spyware steals data from Russian organizations

    July 7, 2025

    Since early March 2025, our systems have recorded an increase in detections of similar files with names like договор-2025-5.vbe, приложение.vbe, and dogovor.vbe (translation: contract, attachment) among employees at various Russian organizations. The targeted attack begins with bait emails containing malicious links, sent under the pretext of signing a contract. The campaign began in July 2024 and ...

  • BERT Ransomware Group Targets Asia and Europe on Multiple Platforms

    July 7, 2025

    In April, a new ransomware group known as BERT, has been observed targeting organizations across Asia and Europe. TrendResearch telemetry has confirmed the emergence and activity of this ransomware. This blog entry examines BERT’s tools and tactics across multiple variants. By comparing its different iterations, we unpack how the ransomware group operates, how their methods have ...

  • NordDragonScan: Quiet Data-Harvester on Windows

    July 7, 2025

    FortiGuard Labs recently uncovered an active delivery site that hosts a weaponized HTA script and silently drops the infostealer “NordDragonScan” into victims’ environments. Once installed, NordDragonScan examines the host and copies documents, harvests entire Chrome and Firefox profiles, and takes screenshots. The package is then sent over TLS to its command-and-control server, “kpuszkiev.com,” which also serves ...

  • Ingram Micro says ongoing outage caused by ransomware attack

    July 7, 2025

    Ingram Micro, a U.S. technology distributing giant and managed services provider, said on Monday a ransomware attack is the cause of an ongoing outage at the company. The hack began on Thursday, after which the company’s website and much of its network went down. Late on Saturday, the company said in a brief statement that it ...

  • Australia’s Qantas says cyber criminal contacts one week after data breach

    July 7, 2025

    A cyber criminal has made contact with Australia’s Qantas following a data breach last week that exposed personal information of six million customers, a company spokesperson told Reuters on Tuesday. The hacker had targeted a call centre and gained access to a third-party customer service platform containing the customers’ names, email addresses, phone numbers, birth dates ...