Cybercriminals have successfully breached Aflac, one of the largest insurance companies in the U.S., potentially compromising sensitive data such as Social Security numbers, health information, and insurance claims, the company revealed Friday. The incident is part of a growing wave of cyberattacks targeting the insurance industry.
With tens of millions of customers and billions in annual revenue, Aflac is the most high-profile victim so far in a string of recent breaches that also includes Erie Insurance and Philadelphia Insurance Companies. These attacks have disrupted IT systems and alarmed industry leaders, while prompting urgent investigations by federal authorities and cybersecurity firms.
Although Aflac didn’t name the perpetrators directly, people familiar with the situation have linked the attack to Scattered Spider—a young, aggressive cybercriminal group known for its social engineering tactics. These attackers often impersonate IT support staff to trick employees into giving up access credentials, a hallmark of the group’s strategy.
In its statement, Aflac said the breach was identified and contained within hours, no ransomware was used, and customer service has continued uninterrupted. However, the full scope of data potentially compromised is still under investigation. As a top provider of supplemental health insurance in the U.S., any data breach at Aflac could have serious consequences for millions of policyholders.
Scattered Spider gained notoriety in 2023 after breaching major Las Vegas hotel and casino chains, causing significant financial damage. Cybersecurity experts warn that the group is highly efficient—capable of executing full-scale attacks in just a few hours, unlike other ransomware gangs that take days.
The group often creates fake websites resembling legitimate IT help desks to trick victims, according to research by cybersecurity firm Halcyon. Experts are urging businesses to train employees to recognize social engineering attempts and be cautious of unsolicited phone calls or emails.
Despite recent headlines focusing on cyber threats from state actors like Iran, experts suggest that groups like Scattered Spider pose a more immediate and active threat. According to cybersecurity analysts, these criminals are already disrupting supply chains and paralyzing businesses across the U.S., underlining the urgency for organizations to bolster their defenses.
