Cybercriminals breach Aflac as part of hacking spree against US insurance industry

In a significant breach, cybercriminals have infiltrated Aflac, one of the largest insurance providers in the United States, raising concerns over the safety of sensitive information such as Social Security numbers, insurance claims, and health data. This incident marks a troubling escalation in a series of cyberattacks targeting the insurance industry, prompting alarm among companies and law enforcement agencies alike. The attack on Aflac, which has a substantial client base and generates billions in revenue annually, is part of a wider trend of hacking incidents affecting major players in the insurance sector. Other companies like Erie Insurance and Philadelphia Insurance Companies have also reported similar breaches this month, resulting in significant disruptions to their IT services. According to sources familiar with the investigation, these attacks bear the hallmarks of a notorious cybercrime group known as Scattered Spider. Aflac issued a statement confirming the attack was carried out by a sophisticated group but did not specifically name Scattered Spider. The company noted that it managed to halt the intrusion within hours of detection, emphasizing that no ransomware was deployed and that they continue to serve their customers. Despite these reassurances, Aflac acknowledged it is still too early to determine the extent of the data breach and the potential impact on customer information. The hackers utilized “social engineering” tactics to gain access to Aflac's network, a method that often involves tricking individuals into divulging security information. Scattered Spider has gained notoriety for its aggressive tactics, which include impersonating tech support to access corporate networks. This group, believed to be comprised of young individuals from the U.S. and the U.K., gained attention in September 2023 after being connected to high-profile hacks on prominent Las Vegas casinos, including MGM Resorts and Caesars Entertainment. With the frequency and intensity of these attacks on the rise, cybersecurity professionals are urging companies to remain vigilant against potential threats. Cynthia Kaiser, a former FBI Cyber Division official, warned that if Scattered Spider is targeting a specific industry, organizations should seek immediate assistance, as their attacks can unfold rapidly, often within hours. While concerns about foreign cyber threats, particularly from Iran, have been in the spotlight, experts like John Hultquist from Google's Threat Intelligence Group emphasize that Scattered Spider presents a more immediate risk, capable of causing substantial disruptions to businesses and everyday life.