Aflac Confirms Hackers Stole Data of 22.65 Million People in Massive Breach
Insurance giant Aflac has confirmed a massive cyberattack resulted in the theft of personal and health data from 22.65 million individuals. The breach is believed to be part of a coordinated campaign targeting the insurance industry.
U.S. insurance giant has confirmed that a disclosed in June compromised the personal data of people. The company, which initially withheld the number of victims, revealed the staggering scale of the breach in a recent filing with the Texas attorney general as it began notifying those affected.
According to the filing, the stolen data is exceptionally sensitive and goes far beyond typical personal identifiers. The compromised information includes customer names, dates of birth, home addresses, Social Security numbers, and driver's license numbers. It also includes other government-issued ID numbers, such as from passports and state ID cards, as well as medical and health insurance information. With a total customer base of around , according to its website, the breach has impacted nearly half of Aflac's clientele.
Aflac stated in a separate filing with the Iowa attorney general that the culprits "may be affiliated with a known cyber-criminal organization." The filing notes that federal law enforcement and third-party experts believe this group was specifically targeting the insurance industry at large.
Evidence suggests the group may be , a collective of young, English-speaking hackers known for targeting the insurance sector around the time of the breach. This incident was not isolated; other companies like Erie Insurance and Philadelphia Insurance Companies were also hacked in the same period. A spokesperson for Aflac did not respond to TechCrunch’s request for comment.
This massive breach highlights a worrying trend: the insurance sector is becoming a high-value target for cybercriminals. Insurers hold a potent combination of financial, personal, and health data, making them a one-stop shop for identity thieves. The incident serves as a stark warning of a systemic vulnerability that requires an industry-wide security overhaul.
This content is AI-generated based on source articles. While we strive for accuracy, errors may occur. We recommend verifying with the original source.
Related Articles
Activist group 'Anna's Archive' claims to have scraped nearly 300TB of data from Spotify, making metadata for millions of tracks available via torrent. Here's what this means for the music industry and data ownership.
France's national postal and banking service, La Poste, suffered a major outage on Monday from a suspected DDoS attack, affecting its website, mobile apps, and online services. The event is the latest in a series of cyberattacks targeting French infrastructure.
Activist group Anna's Archive alleges it scraped 86 million songs from Spotify, totaling 300TB, with plans for a torrent release. Spotify says it has disabled the accounts involved and implemented new safeguards.
Uzbekistan's entire national vehicle surveillance system was discovered exposed online, password-free. The leak compromises millions of records, including photos, videos, and detailed travel histories, posing a major privacy and security threat.
Activist group 'Anna's Archive' claims to have scraped nearly 300TB of data from Spotify, making metadata for millions of tracks available via torrent. Here's what this means for the music industry and data ownership.
France's national postal and banking service, La Poste, suffered a major outage on Monday from a suspected DDoS attack, affecting its website, mobile apps, and online services. The event is the latest in a series of cyberattacks targeting French infrastructure.
Activist group Anna's Archive alleges it scraped 86 million songs from Spotify, totaling 300TB, with plans for a torrent release. Spotify says it has disabled the accounts involved and implemented new safeguards.
Uzbekistan's entire national vehicle surveillance system was discovered exposed online, password-free. The leak compromises millions of records, including photos, videos, and detailed travel histories, posing a major privacy and security threat.