In June, U.S. insurance coverage big Aflac disclosed a knowledge breach the place hackers stole prospects’ private data, together with Social Safety numbers and well being data, with out saying what number of victims have been affected.
On Tuesday, the corporate confirmed it has begun notifying round 22.65 million folks whose information was stolen in the course of the cyberattack.
In a submitting with the Texas lawyer basic, Aflac stated that the stolen information consists of buyer names, dates of beginning, house addresses, government-issued ID numbers (resembling passports and state ID playing cards) and driver’s license numbers, and Social Safety numbers, in addition to medical and medical insurance data.
And, in a submitting with the Iowa lawyer basic, Aflac stated that the cybercriminals accountable for the breach “could also be affiliated with a recognized cyber-criminal group; federal legislation enforcement and third-party cybersecurity consultants have indicated that this group might have been concentrating on the insurance coverage trade at massive.”
Provided that Scattered Spider, an amorphous collective of primarily younger English-speaking hackers, was concentrating on the insurance coverage trade on the time of the breach, it’s doubtless that that is the group Aflac is referring to.
A spokesperson for Aflac didn’t reply to TechCrunch’s request for remark.
The corporate says it has round 50 million prospects in response to its official web site.
Techcrunch occasion
San Francisco
|
October 13-15, 2026
Aflac was considered one of a number of insurance coverage firms hacked at across the similar time, together with information breaches at Erie Insurance coverage and Philadelphia Insurance coverage Firms.
