Aflac disclosed on Friday that it experienced a cyberattack last week that potentially impacted the supplemental insurance company’s data. The Georgia-based company identified unauthorized access on its network on June 12 and initiated its cybersecurity incident response protocols, believing it contained the intrusion within hours. Aflac stated that its business remains operational and its systems were not affected by ransomware.
This incident marks the third insurance company to publicly disclose an attack on its network in the past eight days. Erie Insurance and Philadelphia Insurance Companies were previously hit in a five-day period starting June 7. While Aflac doesn’t know if Scattered Spider was responsible for the attack, the characteristics are consistent with the financially motivated threat group.
Aflac’s Response and Investigation
Aflac said in a news release that the attack was caused by a sophisticated cybercrime group using social engineering tactics to gain access to their network. The company’s investigation is in its early stages, and a review of potentially impacted files, including claims information, health information, Social Security numbers, and other personal information, is ongoing.
Industry-Wide Threat
The cyberattack on Aflac follows a warning from Google Threat Intelligence Group about Scattered Spider targeting the insurance sector. John Hultquist, chief analyst at Google Threat Intelligence Group, noted that the insurance industry should be on high alert, especially for social engineering schemes targeting help desks and call centers.
The image shows a typical scene unrelated to Aflac or the cyberattack, but illustrates the broader impact of such incidents on businesses and consumers.
Scattered Spider is known for focusing on one sector at a time, resulting in a wave of extortion attacks on companies in the same industry. The group’s recent activities have shifted from retailers to insurance companies, raising concerns about the potential for further attacks.
Aflac and other affected insurance companies are working to contain and recover from these cyberattacks, which highlight the growing threat to the industry.
