Aflac, one of the largest U.S. insurance firms, revealed that hackers accessed an undetermined amount of customer personal data during a cyberattack earlier this month.
In a mandatory filing with the U.S. In a Friday filing with the SEC, Aflac said it detected unauthorized access on June 12 and quickly contained the breach. The extent of affected customers remains unknown, but stolen data includes Social Security numbers and medical information.
Breach Impacts Beneficiaries, Employees, and Agents
Aflac said the breach also compromised data belonging to its beneficiaries, employees, and agents.
The company ruled out ransomware and blamed the attack on an unnamed cybercriminal group that actively targets the U.S. insurance sector. In a press release issued Friday, Aflac stated that the hackers gained access using social engineering techniques.
A company spokesperson, who remained unnamed, declined to respond to TechCrunch’s inquiries via email on Monday.
Aflac Joins Growing List of U.S. Insurers Targeted by Cyberattacks
With about 50 million customers, according to its website, Aflac becomes the latest U.S. insurer to suffer a cyberattack as hackers increasingly target the insurance industry.
John Hultquist, chief analyst at Google’s threat unit, said the team is tracking several U.S. intrusions linked to Scattered Spider, a hacker group known for social engineering and occasional threats to breach help desks and call centers.
This group also likely carried out recent cyberattacks on Erie Insurance and Philadelphia Insurance Companies, which both reported incidents this month that still disrupt operations.
Scattered Spider is known to be financially driven and has previously been linked to cyberattacks on major tech companies, casinos, hotels, and recent data breaches in the U.K. and U.S. retail sectors.
Read the original article on:Techcrunch
Read more:Plasma-Based Armpit Device Aims to Replace Traditional Deodorant