Aflac is warning that a cybercriminal gang briefly breached its systems as part of an ongoing hacking campaign against insurance providers.
Aflac noticed “suspicious activity” on its network on Thursday, June 12, at which point its cybersecurity team stepped in to prevent any malware from being installed.
“We promptly initiated our cyber incident response protocols and stopped the intrusion within hours,” Aflac said in a Friday notice. “Importantly, our business remains operational, and our systems were not affected by ransomware.”
But in some bad news, it’s possible the hackers accessed sensitive data on users. Aflac provides supplemental insurance for 50 million customers across the globe, including in the US.
Although the company’s investigation into the breach remains in the early stages, Aflac said, “The potentially impacted files contain claims information, health information, social security numbers, and/or other personal information, related to customers, beneficiaries, employees, agents, and other individuals in our US business.”
At this point, Aflac is “unable to determine the total number of affected individuals until [its] review is completed,” the company added. However, Aflac says it will offer any concerned users who call the company free credit monitoring and identity theft protection for 24 months. The breach notice includes details on how to call.
This comes after Google’s Mandiant cybersecurity unit warned days earlier that a notorious cybercriminal group called Scattered Spider is targeting US insurance providers. Scattered Spider is perhaps best known for 2023’s hacking of MGM Resorts, which led to a widespread outage at the casino provider. Although law enforcement arrested some of the gang’s membership, the group remains active and has excelled at using social engineering tactics, like pretending to be an employee at a targeted company, to gain access.
Recommended by Our Editors
Aflac couldn’t confirm with certainty if Scattered Spider was involved in the breach because the hackers didn’t identify themselves. But the company noted the attackers used social engineering tactics to gain access to its network, which is consistent with Scattered Spider. “This attack, like many insurance companies are currently experiencing, was caused by a sophisticated cybercrime group. This was part of a cybercrime campaign against the insurance industry,” Aflac added in the statement.
In April, Scattered Spider appeared to be targeting the retail industry, which led the group to reportedly deploy ransomware and steal data from multiple companies in the UK.
Get Our Best Stories!
Stay Safe With the Latest Security News and Updates
By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy.
Thanks for signing up!
Your subscription has been confirmed. Keep an eye on your inbox!
About Michael Kan
Senior Reporter
