Health data possibly exposed in 'sophisticated' cyberattack on Aflac
Private insurer Aflac, which specializes in worker’s compensation, health and life coverage, announced Friday it was the victim of a data breach that may have exposed customers’ private data to hackers.
According to a statement from the company, the attack was discovered on June 12, and was committed by a “sophisticated cybercrime group.” At the time of writing, no known hacker cell has taken credit for the incident.
Aflac said the breach is still being investigated. However, Reuters has reported the company believes Scattered Spider is responsible, as they have a history of cyberattacks on large insurers.
The group, which first made themselves known in 2022, has a tendency to attack multiple organizations at the same time, committing acts of cybercrime in waves.
Recently, Philadelphia Insurance Companies and Erie Indemnity have also reported data breach incidents on their networks, all of which could be from the same group that attacked Aflac. However, an investigation is necessary to determine the facts, Aflac said.
Given the recency of the incident, the company is still unsure what, if any, customer data was taken. However, it does have protected health information on some 50 million individuals in the U.S. and abroad.
Databases also contain names, contact information, and social security numbers, the insurer confirmed. It said it enlisted a cyberforensics company to aid in the investigation and subsequent recovery. Aflac claimed it was able to thwart the breach "within hours," and all its operations are relatively normal, despite the intrusion on its systems.
Criminals used 'social engineering' to conduct attack
Data on employees and agents may also have been accessed and taken, the company confirmed. The company said it is offering free identity theft protection to any customer who wants it, as it works to identify individual victims and uncover the scope of the breach, including any files hackers may have been able to access, view and possibly take offsite.
“While the investigation remains in its early stages, in the spirit of transparency and care for our customers, we are sharing that our preliminary findings indicate that the unauthorized party used social engineering tactics to gain access to our network,” the company said, without elaborating on the specifics.
“Additionally, we have commenced a review of potentially impacted files. It is important to note that the review is in its early stages, and we are unable to determine the total number of affected individuals until that review is completed,” it added.
The nature of the attack remains unknown. This is a developing story.
Chad is an award-winning writer and editor with over 15 years of experience working in media. He has a decade-long professional background in healthcare, working as a writer and in public relations.