US insurance coverage big Aflac says prospects’ private knowledge stolen throughout cyberattack

Aflac, one of many largest insurance coverage corporations in the USA, says hackers stole an unknown amount of its prospects’ private data from its community throughout a cyberattack earlier this month. 

The insurance coverage big confirmed Friday in a legally required submitting with the U.S. Securities and Alternate Fee that the corporate recognized hackers in its system on June 12 and contained the incident. Aflac, which supplies supplemental insurance coverage to people whose bills should not coated by their main suppliers, stated it was not but recognized what number of prospects are affected by the information breach however that the non-public knowledge consists of prospects’ claims, equivalent to Social Safety numbers and well being data.

The breach additionally included knowledge from Aflac’s beneficiaries, workers, and brokers, the corporate stated.

Aflac stated its methods weren’t affected by ransomware, however attributed the breach to an unspecified cybercrime group recognized to be concentrating on the U.S. insurance coverage trade. In accordance with its Friday press launch, Aflac stated the hackers used social engineering techniques to interrupt into its community. 

An Aflac spokesperson, who didn’t present their title, declined to reply TechCrunch’s questions when reached by electronic mail on Monday.

Aflac, which has round 50 million prospects per the corporate’s web site, is the most recent U.S. insurance coverage firm to expertise a cyberattack in current weeks, amid warnings that hackers are concentrating on the broader insurance coverage trade. 

John Hultquist, the chief analyst for Google’s menace intelligence unit, stated final week that the unit was “conscious of a number of intrusions” within the U.S. that bear the hallmarks of exercise linked to Scattered Spider, a loose-knit collective of hackers and techniques that depend on social engineering techniques and typically threats of violence to focus on firm assist desks and name facilities in an effort to achieve entry to their networks.

The hackers are additionally reportedly behind the current intrusions at Erie Insurance coverage and Philadelphia Insurance coverage Firms, which disclosed cyberattacks this month, with disruption ongoing.

The hackers linked to Scattered Spider assaults are recognized to be financially motivated and have been beforehand linked to cyberattacks and intrusions at tech giants, casinos, and accommodations, and up to date knowledge breaches throughout the U.Okay. and U.S. retail sector.