In June, U.S. insurance coverage large Aflac disclosed a data breach the place hackers stole prospects’ private data, together with Social Safety numbers and well being data, with out saying what number of victims have been affected.
On Tuesday, the corporate confirmed it has begun notifying round 22.65 million folks whose knowledge was stolen through the cyberattack.
In a submitting with the Texas legal professional common, Aflac stated that the stolen knowledge consists of buyer names, dates of beginning, residence addresses, government-issued ID numbers (reminiscent of passports and state ID playing cards) and driver’s license numbers, and Social Safety numbers, in addition to medical and medical health insurance data.
And, in a submitting with the Iowa legal professional common, Aflac stated that the cybercriminals chargeable for the breach “could also be affiliated with a recognized cyber-criminal group; federal regulation enforcement and third-party cybersecurity consultants have indicated that this group could have been focusing on the insurance coverage business at giant.”
On condition that Scattered Spider, an amorphous collective of primarily younger English-speaking hackers, was focusing on the insurance coverage business on the time of the breach, it’s probably that that is the group Aflac is referring to.
A spokesperson for Aflac didn’t reply to information.killnetswitch’s request for remark.
The corporate says it has round 50 million prospects in response to its official web site.
Techcrunch occasion
San Francisco
|
October 13-15, 2026
Aflac was certainly one of a number of insurance coverage corporations hacked at across the similar time, together with data breaches at Erie Insurance coverage and Philadelphia Insurance coverage Corporations.
