Cybercriminals have breached insurance giant Aflac, potentially compromising Social Security numbers, insurance claims, and sensitive health data, the company confirmed Friday.
“This attack, like many insurance companies are currently experiencing, was caused by a sophisticated cybercrime group,” Aflac stated, though it did not directly name the group behind it.
The breach is part of a growing spree of hacks targeting the U.S. insurance industry, with Erie Insurance and Philadelphia Insurance Companies also reporting similar attacks this month. All three incidents bear the hallmarks of the hacking group known as “Scattered Spider,” known for using “social engineering” to infiltrate networks—often by posing as IT support.
Aflac claims it “stopped the intrusion within hours” and confirmed that no ransomware was deployed. However, the scale of data exposure remains unclear. With millions of customers, Aflac is the largest insurer yet hit in this wave of cyberattacks.
“If Scattered Spider is targeting your industry, get help immediately,” warned Cynthia Kaiser, former FBI cyber division official. “They can execute their full attacks in hours.”
Scattered Spider gained notoriety after high-profile attacks on MGM Resorts and Caesars Entertainment in 2023 and is believed to consist of young hackers from the U.S. and U.K.
“The threat I lose sleep over is Scattered Spider,” said John Hultquist of Google’s Threat Intelligence Group. “They are already taking food off shelves and freezing businesses.”
As concerns over global cyber threats persist, this domestic group’s reach and speed are causing growing alarm.
Discover more from Baller Alert
Subscribe to get the latest posts sent to your email.
