Latest news with #ALPHV
Yahoo
10 hours ago
- Business
- Yahoo
Insurer Aflac investigating possible data breach after attack on US network
(Reuters) -Aflac on Friday disclosed a cybersecurity incident in which personal information of its customers may have been compromised, making it the latest insurance provider to be targeted. The health and life insurance firm said the attack on its U.S. network, which was identified on June 12, was caused by a "sophisticated cybercrime group", but did not specify a name. It said it was unable to determine the total number of affected individuals until a review, which is in its early stages, is completed. The company said it was able to stop the intrusion within hours and has reached out to third-party cybersecurity experts to investigate into the incident. The company said the potentially impacted files contain personal information of its customers, such as social security numbers and health-related details. Aflac offers accident and pet insurance plans in the U.S. and Japan. It manages personal, medical and financial data of more than 50 million policyholders. Health insurers have been facing increased cybersecurity risks recently with UnitedHealth's breach being the most notable example impacting 100 million people last year. UnitedHealth's Change unit was breached by a hacking group called ALPHV, also known as "BlackCat" who are estimated to have stolen a third of Americans' data in one of the worst hacks to hit the U.S. healthcare sector. Shares of Aflac fell 1.3% in premarket trading.
CNA
12 hours ago
- Health
- CNA
Insurer Aflac investigating possible data breach after attack on US network
Aflac on Friday disclosed a cybersecurity incident in which personal information of its customers may have been compromised, making it the latest insurance provider to be targeted. The health and life insurance firm said the attack on its U.S. network, which was identified on June 12, was caused by a "sophisticated cybercrime group", but did not specify a name. It said it was unable to determine the total number of affected individuals until a review, which is in its early stages, is completed. The company said it was able to stop the intrusion within hours and has reached out to third-party cybersecurity experts to investigate into the incident. The company said the potentially impacted files contain personal information of its customers, such as social security numbers and health-related details. Aflac offers accident and pet insurance plans in the U.S. and Japan. It manages personal, medical and financial data of more than 50 million policyholders. Health insurers have been facing increased cybersecurity risks recently with UnitedHealth's breach being the most notable example impacting 100 million people last year. UnitedHealth's Change unit was breached by a hacking group called ALPHV, also known as "BlackCat" who are estimated to have stolen a third of Americans' data in one of the worst hacks to hit the U.S. healthcare sector.
ITV News
29-04-2025
- Business
- ITV News
Who is Scattered Spider, the group being linked to the M&S cyber attack?
Marks and Spencer is still reeling after a cyber attack left it with empty shelves instore and has forced the company to pause its online shopping services. Now reports are emerging claiming that a hacking group known as Scattered Spider was behind the attack. The group is notorious in the online criminal world for targeting large companies and breaching their data. As a result of this attack, M&S has seen more than £700 million wiped off its stock market valuation since first facing problems. So who is Scattered Spider and how does it operate? What is Scattered Spider? According to America's Cyber Defense Agency, Scattered Spider is a cybercriminal group that targets large companies and their IT help desks. Scattered Spider members have typically engaged in data theft for extortion and have been known to use BlackCat/ALPHV ransomware. Experts agree that ransomware was used in M&S's case. The group includes young members, some as young as 16, with a range of skills who frequent the same hacker forums, Telegram channels and Discord servers. The group initially only dabbled in financial fraud and social media hacks but later advanced to stealing cryptocurrency and breaching corporations data in extortion attacks. Some members are believed to be part of a community called The Comm, a group involved in high-profile cyber incidents. Experts say the group's fluid tactics and use of different individuals for each attack make them difficult to track. One of Scattered Spider's biggest alleged hacks involved the gaming giant MGM Resorts International, which operates over 30 hotel and gaming venues around the world. In September 2023, when guests reported difficulty accessing rooms and using casino games, MGM was alerted to a potential hack. Scattered Spider is thought to have brought MGM systems to a halt after they gained access to the company's management system and were able deploy ransomware. The company revealed some customers personal data was stolen, including names, dates of birth and driving license numbers. In some cases, social security numbers and passport numbers were also involved. In the wake of the incident, MGM reported total losses of around $100 million (around £75 million). In August that same year, Ceasars Entertainment also fell victim to a hack linked to Scattered Spider. The data breach affected members of the Ceasars Reward's programme, impacting data related to 65 million people. Scattered Spider reportedly breached Caesars Entertainment's IT vendor by impersonating a Caesars employee and convincing the IT desk to provide login credentials to Caesars' access management provider. From there, it gained access to the loyalty program database. Scattered Spider began making demands for ransom, which the company complied with, paying out $15 million (around £11 million) to the hackers. How do they operate? Scattered Spider is credited with expertise in social engineering attacks (manipulating people into sharing information they would not have otherwise shared). The group is known to have used other techniques such as phishing, multi-factor authentication bypass techniques, and SIM swapping, to gain access to the data of large organisations. America's Cyber Defence Agency cites Scattered Spider as having previously: Posed as company staff using phone calls or text messages to obtain credentials from employees. Posed as IT staff to convince employees to share their credentials. Sent repeated notifications, prompting employees to press the 'Accept' button. Convinced mobile network operators to transfer control of a user's phone number to a SIM card they controlled, gaining control over the phone. Extorted victims for money using ransomware and data theft. What tactics were used in the Marks and Spencer case? Hackers are thought to have gained access to M&S systems through something called Active Directory. Cyber security expert, Professor Alan Woodward told ITV News: "Active Directory is a Microsoft product, which allows you to log in once and access all the systems. "There's a suggestion that they managed to get in and get one of the files out of there, which contains passwords, etc. "They probably wouldn't have been able to get the passwords out of the file, but if they could get in that far, then they could probably do something to mess up the network."
