Aflac, one of the nation’s biggest insurance providers, disclosed that hackers infiltrated its network earlier this month and stole sensitive personal information belonging to customers.
In a notice filed with the U.S. Securities and Exchange Commission on Friday, the company reported it detected unauthorized access on June 12. The breach was swiftly contained, but the extent of the data exposure remains under investigation.
According to Aflac, the stolen information includes details from insurance claims, which may involve Social Security numbers and health records. In addition to policyholders, data belonging to beneficiaries, employees, and insurance agents was also compromised.
Though ransomware was not involved in this attack, Aflac attributed the incident to a cybercriminal group known for targeting U.S. insurers. The intruders reportedly used social engineering tactics to trick employees into providing access to internal systems.
Aflac, which serves nearly 50 million customers across the country, joins a growing list of insurance companies grappling with cyberattacks this year. The insurance industry has recently faced a surge of threats, with experts warning that more incidents are likely as hackers exploit vulnerabilities in customer service and support operations.
When asked to comment further, an Aflac spokesperson declined to share additional details about the attack or the company’s ongoing response.
Cybersecurity analysts believe this breach may be linked to the hacking collective known as Scattered Spider. According to John Hultquist, chief analyst at Google’s threat intelligence division, multiple intrusions in recent weeks show similarities to this group’s known techniques. Scattered Spider is notorious for using deceptive tactics to gain access to help desks and call centers, sometimes resorting to intimidation or threats to coerce employees into cooperating.
This same hacking group has also been tied to recent breaches at other insurance providers, including Erie Insurance and Philadelphia Insurance Companies, both of which reported cyberattacks in June. In some cases, disruptions are still affecting operations.
Scattered Spider is primarily driven by financial gain and has been involved in numerous attacks on major corporations in sectors ranging from hospitality and retail to technology. Their campaigns have compromised data at casinos, hotels, and retailers in the U.S. and the U.K., underscoring the growing risk facing companies that store large volumes of personal data.
Aflac has not yet released a timeline for when it expects to notify impacted individuals or complete its investigation into the breach.
