Aflac, a major US insurance company with tens of millions of customers and a $55 billion market cap, reported a significant data breach Friday, potentially compromising sensitive customer information including Social Security numbers, insurance claims, and health data. The cyberattack, attributed to a sophisticated cybercrime group, is the latest in a series of breaches targeting the US insurance industry.
Details of the Breach
Aflac disclosed that the breach was caused by “social engineering” tactics, where hackers manipulated employees into granting access to company systems, often by posing as tech support workers over the phone. The intrusion was detected on June 12, and the company promptly stopped the breach hours later. Despite the attack, Aflac’s systems were not affected by ransomware, and the company remains fully operational.
The full extent of the breach remains unclear, with Aflac stating it cannot determine the total number of impacted individuals or the specific data stolen. The company has engaged third-party cybersecurity experts to investigate the incident.
Connection to Scattered Spider Group
Sources familiar with the investigation told CNN that this breach, along with recent hacks at Erie Insurance and Philadelphia Insurance Companies, show characteristics consistent with the methods used by a cybercriminal group known as Scattered Spider. This group, believed to comprise teens and young adults in the US and UK, is known for its aggressive extortion tactics and has previously targeted various high-profile victims, including Las Vegas casinos and UK retailers.
The US Cybersecurity & Infrastructure Security Agency has previously warned about Scattered Spider’s tactics, which include posing as help desk staff to obtain employee credentials or tricking workers into installing malicious tools on their devices.
Industry Response
Cybersecurity executives have raised alarms about the group’s attacks on the US insurance industry, advising companies to educate employees about being cautious with suspicious phone calls. While Aflac did not explicitly name Scattered Spider in their press release, the breach’s characteristics align with the group’s known methods.
As the investigation continues, Aflac’s prompt response and engagement of cybersecurity experts aim to mitigate the breach’s impact. The incident highlights the growing threat of sophisticated cyberattacks on major corporations and the importance of robust cybersecurity measures.
