DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Zurich Japan hit by data breach with 750,000 users’ info stolen; Aflac Insurance also hit

Posted on January 12, 2023 by Dissent

Switzerland Times reports that Zurich Japan auto insurance was the victim of a cyberattack.

Media reports on Monday reported the outflow of data from 2.6 million customers from the East Asian country. In fact, data from 757,463 former customers of a local car insurance product are affected, as the insurance group specified to AWP on Tuesday.

“We are in contact with regulators and local authorities and are about to start informing our customers in Japan,” the Zurich media office told AWP. There are no indications that customer data outside of Japan is affected.

Read more at Switzerland Times.

In addition to the data from Zurich Japan, personal information for 3.2 million Aflac  insurance policy holders in Japan was also stolen from an unnamed third-party contractor. DataBreachToday reported:

“The incident, caused by a vulnerability in a file transfer server, originated with a subcontractor of a third-party vendor that Aflac Japan uses for marketing purposes. The data, which did not include personally identifiable information was posted on a dark website. This incident was confined to Aflac Japan and did not involve data related to U.S. operations or customers. We place the highest priority on protecting the data entrusted to us and will continue to leverage our robust, industry-leading risk management program to fight the ever-evolving cybercrime practices,” the statement says.

Data allegedly from both companies showed up on the internet this past weekend. They were posted on a popular hacking forum by a well-established user. The fact that the forum is on both the clear net and the dark web means that the data are easily available to more people.

Although details are light and unconfirmed at this point, it sounds like both incidents may be related to an incident at the same unnamed U.S. contractor, but again, none of that is confirmed at this point, and the forum user provided no information as to how the data were obtained.

Related posts:

  • Aflac notifies SEC of breach suspected to be work of Scattered Spider
  • (follow-up) Zurich Insurance agrees to improve information security after losing over 46,000 individuals’ personal financial information
  • A Doctor and 532 Others Indicted for Mail and Social Security Fraud Conspiracy
Category: Business SectorNon-U.S.

Post navigation

← Ransomware attack exposes California transit giant’s sensitive data
SEC sues Covington law firm for names of 300 clients caught up in hack →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.