Aflac Investigates Cyberattack on U.S. Network, Potential Data Breach
Health and life insurer Aflac reported on Friday that it is investigating a breach on its U.S. network that may have exposed customers’ personal information. The attack was identified on June 12 and is attributed to a sophisticated cybercrime group.
An Aflac spokesperson told Reuters that the characteristics of the incident were consistent with Scattered Spider, a hacking group known for targeting multiple companies in a single industry. This warning was echoed earlier this week by Google’s chief threat analyst, who advised the insurance industry to be on high alert for attacks from this group.
The breach potentially impacted files containing personal information of Aflac’s customers, including social security numbers and health-related details. Aflac said it stopped the intrusion within hours and has engaged third-party cybersecurity experts to investigate.
The company, which offers accident and pet insurance plans in the U.S. and Japan, manages personal, medical, and financial data of more than 50 million policyholders. Aflac assured that it can continue to provide its services as usual while responding to the security breach.
This incident follows a similar breach last year at UnitedHealth’s Change unit by a hacking group called ALPHV, or “BlackCat,” which was one of the worst hacks to hit the U.S. healthcare sector.
Aflac’s investigation is in its early stages, and the company has not disclosed how many customers were affected or how long the investigation will take. The insurer is working to determine the full extent of the breach and notify affected customers accordingly.
