Aflac Incorporated, a Fortune 500 insurance company based in Georgia, has confirmed a cybersecurity intrusion on its network. The breach was detected and contained, with the company’s systems remaining operational and unaffected by ransomware, according to a June 20 press release.
The potentially compromised data includes claims information, health information, social security numbers, and other personal details related to customers, beneficiaries, employees, agents, and other individuals associated with Aflac’s U.S. business operations. The exact number of affected individuals remains undetermined.
Aflac attributed the attack to a “sophisticated cybercrime group” targeting the insurance industry, which utilized social engineering tactics to gain unauthorized network access. The company is offering free credit monitoring, identity theft protection, and Medical Shield for 24 months to those who contact their dedicated call center.
Third-party cybersecurity experts are assisting in the ongoing investigation. The breach notification comes as the financial services industry, including insurance companies, remains a prime target for cyber intrusions. Recent reports highlight a significant surge in China-nexus cyber activity across various sectors.
This incident follows similar breaches reported by other insurance companies, such as Kelly Benefits and Oxford Life Insurance Company, which have also faced cybersecurity challenges in recent months.
