Health and life insurer Aflac on Friday said it is investigating a breach on its U.S. network that may have exposed customers’ personal information, making it the latest insurance provider to be targeted in a cyberattack.
Aflac said the attack was identified on June 12 and carried out by a sophisticated cybercrime group.
An Aflac spokesperson told Reuters that the characteristics of the incident were consistent with Scattered Spider, a hacking group that has been around since May 2022 and has a reputation for targeting multiple companies in a single industry in waves.
Earlier this week, Google’s chief threat analyst warned the insurance industry to be on high alert from attacks from Scattered Spider. The group is also reportedly behind recent outages at Philadelphia Insurance Companies (PHLY) and Erie Indemnity.
The group’s specialty is identity-based tactics through methods like scamming help desks to reset credentials and bypassing multi-factor authentication, said Steve Cagle, CEO at healthcare security firm Clearwater.
The Aflac spokesperson said the company’s review of the attack was in early stages and it cannot disclose how many customers were affected or how long the investigation would take.
The company offers accident and pet insurance plans in the U.S. and Japan and manages personal, medical and financial data of more than 50 million policyholders.
The attack potentially impacted files containing personal information of Aflac’s customers, such as social security numbers and health-related details.
The insurer said it was able to stop the intrusion within hours and has reached out to third-party cybersecurity experts to investigate the incident.
The company added that it can continue to provide its services as usual while it responds to the security breach.
Last year, UnitedHealth’s Change unit was breached by a hacking group called ALPHV, or “BlackCat”, in one of the worst hacks to hit the U.S. healthcare sector.
