The Wall Avenue Journal experiences that Aflac is investigating a breach that will have uncovered claims info, well being particulars, Social Safety numbers, and different private information.
That’s the form of delicate private info you’d count on your insurer to guard, not unintentionally hand over to cybercriminals.
Based on Aflac, the assault got here from a “extremely refined and well-known group that has the insurance coverage business below siege”
Beneath siege? Appears like they’ve been watching too many Steven Seagal motion pictures (be aware to self: one Steven Seagal film is just too many…)
However what’s extra upsetting than that’s the declare that the hackers are “extremely refined.”
Is that as a result of they exploited a zero day vulnerability? No.
Is it as a result of they’ve an evil genius on their staff who created some undetectable malware? Nope.
Likelihood is that this is identical hacking gang (Scattered Spider) behind current information breaches at Marks & Spencer, Victoria’s Secret and different retailers, in addition to assaults concentrating on insurance coverage companies throughout the USA.
Scattered Spider makes use of the “extremely refined” methodology of phoning a assist desk claiming to be a locked out worker, and asking to be granted entry to the community. Perhaps with a slice of phishing, SIM swapping, and multi-factor authentication (MFA) bombing.
Actually not that refined in any respect…
