Breach cyber

Aflac

Jun 20, 2025 1 min read
Aflac

Aflac, the largest supplemental insurance provider in the U.S., disclosed a breach where attackers may have stolen personal and health information. The network was not affected by ransomware, but sensitive information related to customers, beneficiaries, employees, agents, and other individuals was potentially exposed. The breach was part of a broader campaign targeting insurance companies by a sophisticated cybercrime group, possibly Scattered Spider.

Source: https://www.bleepingcomputer.com/news/security/aflac-discloses-breach-amidst-scattered-spider-insurance-attacks/

TPRM report: https://scoringcyber.rankiteo.com/company/aflac

"id": "afl600062025",
"linkid": "aflac",
"type": "Breach",
"date": "6/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Insurance',
                        'location': 'United States',
                        'name': 'Aflac',
                        'size': 'Fortune 500',
                        'type': 'Insurance Company'}],
 'attack_vector': 'Sophisticated cybercrime campaign',
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Claims information',
                                              'Health information',
                                              'Social security numbers',
                                              'Other personal information']},
 'description': 'Aflac disclosed a data breach where personal and health '
                'information may have been stolen by attackers targeting '
                'insurance companies across the United States.',
 'impact': {'data_compromised': ['Claims information',
                                 'Health information',
                                 'Social security numbers',
                                 'Other personal information']},
 'motivation': 'Data theft',
 'ransomware': {'data_exfiltration': True},
 'recommendations': ['Pay particular attention to potential social engineering '
                     'attempts on help desks and call centers'],
 'references': [{'source': 'BleepingComputer'}],
 'regulatory_compliance': {'regulatory_notifications': ['U.S. Securities and '
                                                        'Exchange Commission '
                                                        '(SEC)']},
 'response': {'containment_measures': 'Stopped the intrusion within hours',
              'incident_response_plan_activated': True,
              'third_party_assistance': True},
 'threat_actor': ['Scattered Spider',
                  '0ktapus',
                  'UNC3944',
                  'Scatter Swine',
                  'Starfraud',
                  'Muddled Libra'],
 'title': 'Aflac Data Breach',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.