Zurich Japan hit by data breach with 750,000 users’ info stolen; Aflac Insurance also hit
Switzerland Times reports that Zurich Japan auto insurance was the victim of a cyberattack.
Media reports on Monday reported the outflow of data from 2.6 million customers from the East Asian country. In fact, data from 757,463 former customers of a local car insurance product are affected, as the insurance group specified to AWP on Tuesday.
“We are in contact with regulators and local authorities and are about to start informing our customers in Japan,” the Zurich media office told AWP. There are no indications that customer data outside of Japan is affected.
Read more at Switzerland Times.
In addition to the data from Zurich Japan, personal information for 3.2 million Aflac insurance policy holders in Japan was also stolen from an unnamed third-party contractor. DataBreachToday reported:
“The incident, caused by a vulnerability in a file transfer server, originated with a subcontractor of a third-party vendor that Aflac Japan uses for marketing purposes. The data, which did not include personally identifiable information was posted on a dark website. This incident was confined to Aflac Japan and did not involve data related to U.S. operations or customers. We place the highest priority on protecting the data entrusted to us and will continue to leverage our robust, industry-leading risk management program to fight the ever-evolving cybercrime practices,” the statement says.
Data allegedly from both companies showed up on the internet this past weekend. They were posted on a popular hacking forum by a well-established user. The fact that the forum is on both the clear net and the dark web means that the data are easily available to more people.
Although details are light and unconfirmed at this point, it sounds like both incidents may be related to an incident at the same unnamed U.S. contractor, but again, none of that is confirmed at this point, and the forum user provided no information as to how the data were obtained.