Aflac, one of many largest insurance coverage firms in the US, says hackers stole an unknown amount of its clients’ private info from its community throughout a cyberattack earlier this month.
The insurance coverage big confirmed Friday in a legally required filing with the U.S. Securities and Change Fee that the corporate recognized hackers in its system on June 12 and contained the incident. Aflac, which supplies supplemental insurance coverage to people whose bills aren’t coated by their major suppliers, mentioned it was not but identified what number of clients are affected by the info breach, however that the non-public knowledge consists of clients’ claims, comparable to Social Safety numbers and well being info.
The breach additionally included knowledge from Aflac’s beneficiaries, workers, and brokers, the corporate mentioned.
Aflac mentioned its techniques weren’t affected by ransomware, however attributed the breach to an unspecified cybercrime group identified to be focusing on the U.S. insurance coverage trade. In response to its Friday press release, Aflac mentioned the hackers used social engineering ways to interrupt into its community.
An Aflac spokesperson, who didn’t present their identify, declined to reply TechCrunch’s questions when reached by e-mail on Monday.
Aflac, which has round 50 million clients per the company’s website, is the newest U.S. insurance coverage firm to expertise a cyberattack in latest weeks, amid warnings that hackers are focusing on the broader insurance coverage trade.
John Hultquist, the chief analyst for Google’s risk intelligence unit, mentioned final week that the unit was “conscious of a number of intrusions” within the U.S. that bear the hallmarks of exercise linked to Scattered Spider, a loose-knit collective of hackers and ways that depend on social engineering ways and typically threats of violence to focus on firm assist desks and name facilities so as to acquire entry to their networks.
The hackers are additionally reportedly behind the latest intrusions at Erie Insurance and Philadelphia Insurance Companies, which disclosed cyberattacks this month, with disruption ongoing.
The hackers linked to Scattered Spider assaults are identified to be financially motivated, and have been beforehand linked to cyberattacks and intrusions at tech giants, casinos, and accommodations, and recent data breaches throughout the U.Okay. and U.S. retail sector.