Aflac Data Breach: Customer Data Stolen in Cyberattack

Aflac Data Breach: Customer Information Compromised

Aflac, a leading insurance provider in the United States, has reported a cybersecurity incident resulting in the theft of an undetermined amount of customer personal information. This breach occurred earlier this month, impacting the company’s network.

Incident Details and Containment

The insurance company officially confirmed the incident in a filing with the U.S. Securities and Exchange Commission on Friday. Aflac detected the unauthorized access on June 12th and promptly took steps to contain the breach.

While the exact number of affected customers remains unknown, the compromised data includes sensitive details found within customer claims. This encompasses information such as Social Security numbers and protected health information.

Scope of the Breach

The impact of this cyberattack extends beyond policyholders. Data belonging to Aflac’s beneficiaries, employees, and agents was also included in the information accessed by the attackers.

Attack Vector and Attribution

Aflac has stated that its systems were not impacted by ransomware. However, the breach is attributed to a specific cybercrime group actively targeting organizations within the U.S. insurance sector.

According to Aflac’s press release, the attackers successfully gained access to the network through the utilization of social engineering tactics.

Company Response and Limited Disclosure

An Aflac spokesperson declined to provide further details regarding the incident when contacted by TechCrunch via email on Monday. No name was provided with the response.

Industry-Wide Trend

With approximately 50 million customers, as stated on its website, Aflac is the latest U.S. insurance company to fall victim to a cyberattack in recent weeks. This incident occurs amidst growing warnings about increased targeting of the insurance industry by malicious actors.

Connection to Scattered Spider

John Hultquist, chief analyst for Google’s threat intelligence unit, reported last week that his team is tracking multiple intrusions within the U.S. These intrusions exhibit characteristics linked to Scattered Spider.

Scattered Spider is described as a loosely organized group employing social engineering tactics, and sometimes even threats of violence, to compromise company help desks and call centers. This allows them to gain unauthorized network access.

Recent Attacks and Motives

The same hacking group is suspected of being responsible for recent intrusions at Erie Insurance and Philadelphia Insurance Companies, both of which disclosed cyberattacks earlier this month. Disruptions are still ongoing at these companies.

The actors associated with Scattered Spider are primarily motivated by financial gain. They have a history of involvement in cyberattacks targeting various sectors, including technology, casinos, hotels, and retail businesses in both the U.K. and the U.S.