Yazılar

Aflac Investigates Potential Data Breach Following Cyberattack

/in /tarafından

Aflac, a health and life insurer, announced on Friday that it is investigating a cyberattack on its U.S. network that may have exposed customers’ personal data. The breach was detected on June 12 and is believed to have been conducted by the cybercrime group Scattered Spider, known for targeting multiple companies in the same industry through coordinated waves of attacks.

Scattered Spider, active since May 2022, is notorious for using identity-based tactics such as scamming help desks to reset credentials and bypass multi-factor authentication. This group has been linked to recent service disruptions at Philadelphia Insurance Companies and Erie Indemnity.

Aflac’s investigation is still in the early stages, and the insurer has not disclosed the number of affected customers or the timeline for completing the review. The company handles personal, medical, and financial data of over 50 million policyholders in the U.S. and Japan, including accident and pet insurance customers.

The attack potentially exposed sensitive information, including social security numbers and health details. Aflac reported that it stopped the intrusion within hours and has engaged third-party cybersecurity experts to assist with the investigation. Despite the breach, Aflac stated that it continues to operate normally while addressing the incident.

This attack follows a wave of cyber threats in the healthcare and insurance sectors, including a major breach last year of UnitedHealth’s Change unit by the hacking group ALPHV, also known as BlackCat.

India’s TCS Confirms No Systems Compromised in Marks & Spencer Cyberattack

/in /tarafından

Tata Consultancy Services (TCS) stated that none of its systems or users were compromised in the recent cyberattack affecting British retailer Marks & Spencer (M&S), a client of over ten years.

At its annual shareholder meeting, independent director Keki Mistry said, “As no TCS systems or users were compromised, none of our other customers are impacted.” He added that the ongoing investigation into the M&S breach does not involve TCS systems.

This marks the first public comment from India’s largest IT services firm on the cyberattack. M&S did not immediately respond to requests for comment.

TCS provides technology services to M&S and secured a $1 billion contract in early 2023 to modernize the retailer’s legacy technology, focusing on supply chain and omnichannel sales improvements.

The cyberattack, disclosed by M&S in April, is described as “highly sophisticated and targeted.” It is expected to cost M&S approximately £300 million ($403 million) in lost operating profit, with online service disruptions anticipated until July.

Last month, the Financial Times reported that TCS was internally investigating whether its systems were used as a gateway for the cyberattack.

Mistry chaired the shareholder meeting, while Tata Group Chairman N Chandrasekaran was absent due to urgent matters related to a recent Air India plane crash in Ahmedabad, which killed 241 of the 242 passengers onboard.

Iran’s Nobitex Crypto Exchange Hit by Hackers, $90 Million in Funds Destroyed

/in /tarafından

A powerful anti-Iranian hacking group known as Gonjeshke Darande (Predatory Sparrow) claimed responsibility on Wednesday for a devastating cyberattack on Nobitex, Iran’s largest cryptocurrency exchange. The attack allegedly destroyed around $90 million in digital assets and threatened to leak the platform’s source code.

This marks the group’s second strike in two days, following an earlier operation targeting Bank Sepah, a state-owned Iranian bank. The campaign comes amid escalating tensions and missile exchanges between Israel and Iran.

The hackers claim Nobitex aids the Iranian regime in evading sanctions and financing militant groups, including Hamas, Palestinian Islamic Jihad, and Yemen’s Houthis. Blockchain forensics firm Elliptic confirmed these ties in a blog post, noting that funds had been exchanged between Nobitex and wallets linked to those entities.

Early Wednesday, funds were transferred from Nobitex to hacker-controlled wallets displaying anti-IRGC (Islamic Revolutionary Guard Corps) messages. Analysis by TRM Labs and Chainalysis confirmed that approximately $90 million in cryptocurrency was irretrievably “burned” in the operation, meaning the attackers intentionally rendered the assets inaccessible as a political statement.

Elliptic noted that the structure of the hacker wallets ensured that even the attackers could not access the stolen assets.

Nobitex confirmed in a post on X (formerly Twitter) that it had taken its website and app offline due to “unauthorized access.” Its Telegram support channels did not respond to inquiries.

The cyberattack adds to a growing list of high-profile hacks by Predatory Sparrow, which has previously disabled Iranian infrastructure, including gas stations and steel mills. Though Israel has never officially claimed the group, its operations are widely considered to align with Israeli cyber interests.

Senators Elizabeth Warren and Angus King recently highlighted Nobitex’s suspected role in Iranian sanctions evasion in a letter to the Biden administration, citing prior Reuters investigations from 2022.

Cybersecurity experts warn that this breach could further inflame geopolitical tensions while demonstrating the increasing use of blockchain technology in modern cyber warfare.