Aflac Confirms Major Data Breach Affecting Over 22 Million Customers
In June, U.S. insurance giant Aflac disclosed a data breach where hackers stole customers’ personal information, including Social Security numbers and health information, without saying how many victims were affected.
On Tuesday, the company confirmed it has begun notifying around 22.65 million people whose data was stolen during the cyberattack. This alarming incident has raised significant concerns over data security within the insurance industry.
The Scope of the Breach
According to a recent filing with the Texas attorney general, the compromised data includes a variety of sensitive information. The stolen data encompasses customer names, dates of birth, home addresses, government-issued ID numbers (such as passports and state ID cards), driver’s license numbers, Social Security numbers, as well as medical and health insurance information. The wide-ranging nature of this stolen information poses serious risks to the affected individuals.
Criminal Affiliations
In a separate filing with the Iowa attorney general, Aflac indicated that the cybercriminals responsible for the breach “may be affiliated with a known cyber-criminal organization.” In collaboration with federal law enforcement and third-party cybersecurity experts, it was revealed that this group has been targeting the insurance industry at large. This has sparked concern not only for Aflac but for other companies in the sector as well.
Specifically, reports suggest that a group known as Scattered Spider, a collective of primarily young, English-speaking hackers, was actively targeting the insurance sector during the time of the breach. Given these circumstances, it is plausible that this group is indeed behind the attack on Aflac.
Response and Impact
As of now, Aflac has approximately 50 million customers, according to information on its official website. Despite the breach, the company has not made public statements detailing how it intends to rectify the situation or the security measures it plans to implement going forward. A spokesperson for Aflac did not respond to TechCrunch’s request for comment.
This data breach is not an isolated incident. Aflac joins several other insurance companies, including Erie Insurance and Philadelphia Insurance Companies, that have faced similar attacks around the same time. Such occurrences underscore the vulnerabilities within the insurance sector when it comes to safeguarding customer data.
For more detailed information on this incident, you can read the full report Here.
Image Credit: techcrunch.com
