On Friday, American insurance giant Aflac announced that its systems were breached as part of a larger wave of cyberattacks targeting insurance companies across the United States. The breach, which potentially involved the theft of personal and health information, has raised alarms within the industry as Aflac grapples with the implications of this security incident.
Aflac, the largest supplemental insurance provider in the U.S. and listed among Fortune 500 companies, confirmed that its network was not compromised by ransomware. However, it remains unclear whether ransomware was deployed but thwarted during the attempted breach, or if the incursion primarily aimed at data theft. The company has swiftly implemented its cyber incident response protocols and reported that all operations are running smoothly.
In its public statement, Aflac reassured stakeholders that it continues to provide customer services, including underwriting policies and reviewing claims. Aflac specified that the attack appears to stem from a sophisticated cybercrime group, calling attention to the growing trend of cyber threats facing the insurance sector. In a press release, the company expressed, “This attack, like many insurance companies are currently experiencing, was caused by a sophisticated cybercrime group. This was part of a cybercrime campaign against the insurance industry.”
Following the discovery of the breach, Aflac has engaged external cybersecurity experts to thoroughly investigate the incident and review potentially compromised files. According to a filing with the U.S. Securities and Exchange Commission (SEC), the exposed documents could contain a variety of sensitive information spanning customer claims, health data, and social security numbers.
The breach has notable similarities to the activities of ‘Scattered Spider,’ a notorious group adept at executing sophisticated social engineering attacks against high-profile organizations worldwide. According to cybersecurity experts, this group has increasingly targeted the insurance industry, and Aflac’s spokesperson indicated that the breach displays trademarks of a Scattered Spider attack. This group has previously been linked to significant breaches involving entities like MGM Resorts and various other major corporations.
As warnings regarding the insurance industry escalate, experts are urging organizations to remain vigilant against potential social engineering tactics aimed at help desks and customer service teams. John Hultquist, Chief Analyst at Google Threat Intelligence Group, emphasized that the sector should heed the warnings and bolster defenses accordingly, particularly in light of Scattered Spider’s history of concentrating attacks on single sectors at a time.