Aflac Breach: Another Hit in a Cybercrime Wave
Hackers are at it again. This time, they went after Aflac, one of the biggest names in supplemental health insurance. The breach, revealed last week, may have exposed sensitive data—Social Security numbers, health records, insurance claims.
Aflac moved fast. They stopped the attack within hours. But let’s be real—the damage might already be done.
It’s not just Aflac facing challenges. In the same week, Erie Insurance and Philadelphia Insurance Companies experienced cyberattacks as well. Their IT systems faced significant disruptions. The suspected group behind these incidents? A bold and sophisticated cybercrime organization known as Scattered Spider.
Who is Scattered Spider?
Scattered Spider isn’t your typical cybercrime group. Believed to include members from the U.S. and U.K., this group has made a name for itself by targeting industries one at a time. Their tactics? Social engineering—tricking employees into revealing sensitive information. Think fake tech support calls or phishing emails. Simple, yet devastating.
This isn’t their first rodeo. In 2023, Scattered Spider made headlines for hacking MGM Resorts and Caesars Entertainment, stealing millions. Now, they may be setting their sights on the insurance sector.
Why the Insurance Industry?
Why insurance? It’s a goldmine of personal data. Social Security numbers, health records, financial information—everything a hacker needs to commit identity theft or sell on the dark web. Plus, insurance companies often rely on complex IT systems, making them vulnerable to sophisticated attacks.
John Hultquist, Chief Analyst at Google’s Threat Intelligence Group, warns, “If Scattered Spider is targeting your industry, get help immediately. They can execute their full attacks in hours.”
UPDATE: 6/23/25 – Aflac has recently admitted that during the June 12 cyberattack, sensitive customer information was compromised, including Social Security numbers, claims data, health information, and other personal details involving customers, beneficiaries, employees, and agents within their U.S. operations. Demonstrating transparency, the company is actively investigating the breach and keeping stakeholders informed of its findings. To address the situation, Aflac has initiated free credit monitoring, identity theft protection, and Medical Shield coverage for two years to assist those potentially affected by the incident.
Aflac’s Response: Quick, But Is It Enough?
Aflac detected the breach on June 12 and immediately activated its cybersecurity protocols. The company claims no ransomware was deployed, and operations remain unaffected. But the investigation is ongoing, and the full extent of the breach is still unclear.
In a statement, Aflac emphasized transparency: “While the investigation remains in its early stages, we are sharing our preliminary findings to ensure our customers are informed.” The company is offering free credit monitoring and identity theft protection to those potentially affected.
Other Recent Breaches
Aflac isn’t alone. Erie Insurance and Philadelphia Insurance Companies were also hit this month. Erie reported “unusual network activity” on June 7, while Philadelphia Insurance disconnected systems after detecting unauthorized access on June 9. Both companies are still recovering.
These attacks follow a pattern. Scattered Spider often targets industries in waves, exploiting similar vulnerabilities across multiple companies. Their methods include phishing, SIM-swapping, and even MFA (multi-factor authentication) fatigue attacks.
The Bigger Picture: A Growing Threat
The insurance industry isn’t the only sector at risk. Scattered Spider has previously targeted retail, hospitality, and even grocery chains. Their ability to adapt and pivot makes them a nightmare for cybersecurity teams.
Experts are urging companies to strengthen their defenses. This includes:
- Training employees to recognize social engineering tactics.
- Implementing multi-factor authentication.
- Monitoring for suspicious activity, like unusual login attempts.
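An added example (not from the original article or from any company named in it) of the login monitoring the last bullet describes: it flags an MFA push approval that follows a burst of denied or unanswered prompts, the trace an MFA fatigue attack leaves in authentication logs. The log format, event names, window and threshold are assumptions to adapt to your identity provider.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (not real logs): "timestamp user result".
# Field names and result values are assumptions; map them to your IdP's schema.
SAMPLE_LOG = """\
2025-01-15T02:10:05 jdoe push_denied
2025-01-15T02:10:40 jdoe push_timeout
2025-01-15T02:11:15 jdoe push_denied
2025-01-15T02:11:50 jdoe push_timeout
2025-01-15T02:12:30 jdoe push_approved
2025-01-15T09:00:00 asmith push_denied
2025-01-15T09:00:30 asmith push_approved
2025-01-15T14:00:00 bwong push_denied
2025-01-15T14:20:00 bwong push_denied
2025-01-15T14:40:00 bwong push_denied
2025-01-15T15:00:00 bwong push_approved
"""

FAILED = {"push_denied", "push_timeout"}

def detect_mfa_fatigue(log_text, window=timedelta(minutes=10), threshold=3):
    """Return alerts for approvals preceded by >= threshold denied or unanswered
    pushes for the same user inside the window. Expects time-ordered events."""
    recent = defaultdict(deque)   # user -> timestamps of recent failed pushes
    alerts = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue              # skip malformed lines instead of crashing
        ts_raw, user, result = parts
        try:
            ts = datetime.fromisoformat(ts_raw)
        except ValueError:
            continue
        failures = recent[user]
        # Drop failures that have aged out of the window.
        while failures and ts - failures[0] > window:
            failures.popleft()
        if result in FAILED:
            failures.append(ts)
        elif result == "push_approved":
            if len(failures) >= threshold:
                alerts.append({"user": user, "approved_at": ts_raw,
                               "failed_pushes": len(failures)})
            failures.clear()      # an approval starts a fresh sequence
    return alerts

print(detect_mfa_fatigue(SAMPLE_LOG))
```

Only jdoe is flagged: asmith has a single denial before approving, and bwong's denials are spread too far apart to fall inside one window.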
Takeaway for Consumers
What can you do? Stay vigilant. Monitor your accounts for unusual activity. Take advantage of credit monitoring services if offered. And remember, if something feels off—like a suspicious email or phone call—it probably is.
The insurance industry may be under siege, but with awareness and preparation, you can protect yourself from becoming the next victim.