Latest news with #databreach
Washington Post
14 minutes ago
- Business
- Washington Post
Aflac finds suspicious activity on US network that may impact Social Security numbers, other data
Aflac says that it has identified suspicious activity on its network in the U.S. that may impact Social Security numbers and other personal information, calling the incident part of a cybercrime campaign against the insurance industry. The company said Friday that the intrusion was stopped within hours. 'We continue to serve our customers as we respond to this incident and can underwrite policies, review claims, and otherwise service our customers as usual,' Aflac said in a statement.
Tahawul Tech
26 minutes ago
- Tahawul Tech
Cybercriminals gain access as 16 billion credentials exposed in historic data breach
The threat landscape continues to evolve, and the message from cybersecurity experts is clear: digital vigilance and routine cyber hygiene are now non-negotiable. The global cybersecurity community is sounding the alarm following what Cybernews has dubbed the largest data breach in history, revealing a staggering 16 billion login credentials scattered across 30 different databases. While some records are believed to overlap, researchers emphasise that much of the data stems from recent infostealer malware attacks, not just recycled incidents from the past. This latest revelation significantly raises the stakes in the ongoing battle against credential theft. Commenting on the report, Alexandra Fedosimova, Digital Footprint Analyst at Kaspersky, explains: '16 billion records is a figure nearly double the Earth's population, and it's hard to believe such a vast amount of information could be exposed. This 'leak' refers to a compilation of 30 user data breaches from various sources. These data sets ('logs') are primarily obtained by cybercriminals through infostealers — malicious applications that steal information — and such incidents occur daily. Cybernews researchers collected this data over six months from the start of the year. Their dataset likely contains duplicates due to the persistent issue of password reuse among users. Therefore, although it was noted that none of the databases they found had been previously reported, this doesn't mean these credentials hadn't previously leaked from other services or been collected by other infostealers.' Kaspersky telemetry further supports the scale of the threat, reporting a 21% global increase in password stealer detections from 2023 to 2024. Infostealer malware has emerged as one of the most pervasive cyber threats, compromising millions of devices and extracting credentials, cookies, and sensitive data — all of which are then aggregated and circulated on the dark web. Dmitry Galov, Head of Kaspersky's Global Research and Analysis Team (GReAT) for Russia and CIS, added: 'Cybernews research speaks of an aggregation of several data leaks over a long period – since the start of the year. This is a reflection of a thriving cybercrime economy that has industrialised credential theft. 'Credentials are harvested, enriched, and resold — often multiple times — via combo lists that are constantly updated and even made available on public platforms.' 'What's notable here is that the datasets were reportedly temporarily exposed via unsecured channels, making them accessible to anyone who stumbled upon them.' Anna Larkina, Web Content Analysis Expert at Kaspersky, advises users to take urgent action and said, 'This news is a good reminder to focus on digital hygiene. Regularly update your passwords, enable two-factor authentication, and use a reliable password manager, such as Kaspersky Password Manager, to store your credentials securely. If you suspect your accounts may have been compromised, contact support services immediately to regain access and limit further damage. Users should also stay alert to social engineering scams that exploit leaked data.' Adding to the expert views, Peter Mackenzie, Director of Incident Response and Readiness at Sophos, said, 'While you'd be right to be startled at the huge volume of data exposed in this leak, it's important to note there is no new threat here — this data will most likely already have been in circulation. These datasets are amalgamated from multiple breaches. What this tells us is the sheer depth of information now available to cybercriminals. It's a powerful reminder to everyone to take proactive steps — update passwords, use a password manager, and implement multifactor authentication. If concerned, check your email at to see if your data has been compromised.'
CNA
an hour ago
- Business
- CNA
Insurer Aflac discloses cybersecurity incident
Insurer Aflac said on Friday it identified suspicious activity on its network in the United States on June 12. The company said it has reached out to third-party cybersecurity experts to investigate the incident and has commenced a review of potentially impacted files. These files contain personal information of its customers, including social security numbers and health-related details, it added.
Forbes
2 hours ago
- Business
- Forbes
Urgent Upgrade Appeal After ‘Biggest Ever' 16 Billion Hack Hits Facebook, Google, Apple And Others
Passwords linked to accounts with Apple, Facebook, and Google as well as government services and other social media platforms are among a 'colossal" data breach, according to researchers. Front-run Donald Trump, the White House and Wall Street by subscribing now to Forbes' CryptoAsset & Blockchain Advisor where you can "uncover blockchain blockbusters poised for 1,000% plus gains!" 'This is not just a leak—it's a blueprint for mass exploitation," experts with Cybernews wrote. 'With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing.' The hack, which has been claimed to be the biggest ever and was earlier reported by Forbes writer Davey Winder, has led to the chief executive of major crypto company Tether declaring it's 'time to move beyond storing passwords in the cloud.' Sign up now for the free CryptoCodex—A daily five-minute newsletter for traders, investors and the crypto-curious that will get you up to date and keep you ahead of the bitcoin and crypto market bull run Apple, Facebook, and Google passwords are believed to be among the 16 billion leaked by hackers. Paolo Ardoino, the chief executive of dominant USDT stablecoin issuer Tether, has said the company will release a password manager called PearPass. "The cloud has failed us. Again," Ardoino posted to X alongside an ad for PearPass that pitches it as a "fully local, open-source" app, adding: 'It's time to ditch the cloud.' Hacks and data breaches, which can lead to phishing attempts, are a major concern for crypto companies that are trusted to look after users' digital assets. A recent high-profile spate of physical attacks on bitcoin and crypto holders has escalated demand for services that keep user data secret. Replacing cloud-based security with passwords and encryption keys stored on a user's device means hacks on centralized services are less likely to put user data or personal information like emails, phone numbers or home addresses at risk. Tether—which has boasted it made $13 billion in profit last year, mostly from the interest earned on the funds it uses to back its $155 billion stablecoin—is scrambling to diversify its business as looming U.S. stablecoin regulation is expected to open up the market to tech companies, Wall Street giants and even retailers like Walmart. Tether's biggest rival Circle has seen its freshly IPO-ed stock price surge this week following the passage of the Genius Act stablecoin bill by the U.S. Senate, cheered by U.S. president Donald Trump. In an interview with influencer Anthony Pompliano, Ardoino said this week he believes Tether is a $2 trillion business and also teased a new product that will be launched this year in an interview out Monday with Bankless. "If we are living in a disaster scenario, we need to be able to have technology that works locally first," Ardoino told Pompliano.
Forbes
2 hours ago
- Business
- Forbes
How Customer Trust Can Shield Your Business In A Crisis
If there's one certainty in these volatile times, it is that the threat of large-scale, disruptive cyber-attacks is here to stay. From US school districts to major brands like Marks & Spencer (M&S), Cartier and Adidas, organisations across multiple industries and regions have experienced severe cybersecurity breaches – with fallout lasting weeks and sometimes months. The attackers don't seem to differentiate by size, industry, or age – indeed, even ransomware extortion group Lockbit suffered a breach of their own in May. Any organisation is a potential target and there's no room for complacency. This is now an everyday reality for modern businesses. If there's one certainty in these volatile times, it is that the threat of large-scale, disruptive ... More cyber-attacks is here to stay. Long-term reputational damage The immediate disruption for companies and customers can be severe, ranging from empty supermarket shelves to payment outages and long delays in online orders. Attacks can also result in serious data breaches, potentially heightening the onward risk of fraud attacks against their customers. In the UK, Deutsche Bank estimated that the recent cyberattack and resulting outages have been costing M&S £15m a week in lost profits, and the issue looks set to continue through the summer. And in the long term, disruptions of this scale can often erode consumer trust. Earlier this year, we conducted extensive research into the key factors influencing perceptions of an organisation's reputation, as well as the impact of customer service failures on long-term reputation and customer engagement. Our data shows that 61% of customers who experienced a major customer service failure feel it has eroded their trust in the organisation. What's even more concerning is that 24% of customers have avoided using an organisation after experiencing a major customer service failure, and a further 30% say they will avoid using the business if they can. This highlights the impact on customer confidence that cyber-attacks and other forms of service disruption can have, leading to longstanding reputational damage. Earning goodwill However, organisations that focus on the right things can mitigate these impacts in significant ways. What we have seen from the M&S case is, even while suffering catastrophic financial damages, brands who have achieved consistently high levels of customer satisfaction retain goodwill, loyalty, and even sympathy from their customers. This ultimately should lead to a faster, smoother recovery once things come back online, with – most importantly – a reduced reputational impact. So, what lessons can be learned? For me, it's about building a strong reputation for excellent service, showing that you genuinely care about your customers, and communicating with authenticity and honesty during times of crisis. Embedding a culture of service from the boardroom right down through the business will also better connect your organisation with your customers, which creates a bank of goodwill to fall back on when disaster strikes. The importance of communication Today's consumers are used to receiving constant information and updates. Our risk and reputation research, which I referenced earlier, shows that customers who have experienced a major customer service failure look to their phones, live websites and apps for information and want updates to reach them there. Companies need to meet this demand to retain their support, demonstrate transparency and honesty about the scale of disruption to their services, be clear about the consequences that may have occurred and issue apologies and updates to customers across all available touchpoints to ensure they are kept informed. Additionally, a consistent, human approach to crises can reduce negative responses from many customers and, in many cases, inspires warmth and sympathy for the brand or organisation. And if the disruption is large-scale and likely to create severe negative backlash, having the head of your organisation remain visible and publicly acknowledge the issue adds a personal face to your organisation, which can be critical. Customers who have experienced a major customer service failure look to their phones, live websites ... More and apps for information and want updates to reach them there. No room for complacency All of this being said, brands with a good record of customer service shouldn't be complacent. Consumer patience and understanding will only go so far. Recent developments have served as a wake-up call to many business leaders about the importance of ongoing investment in sophisticated cybersecurity systems and the risks associated with overreliance on technology. Businesses with well-trained service and operational people can adapt in the face of systems failures to ensure the show goes on. Crises are inevitable, whether due to cyber-attacks, power outages or something else unexpected. Brands can't afford to be reactive. How would your organisation respond to a high-profile operational challenge, and will your customers support your recovery or jump ship to a rival given the opportunity?
