U.S. insurance giant Aflac has confirmed that hackers stole personal and sensitive health information belonging to around 22.6 million people in a cyberattack disclosed earlier this year.
The company began notifying affected customers this week.
In regulatory filings, Aflac said the stolen data includes names, dates of birth, home addresses, Social Security numbers, driver’s license details, passport numbers, and medical and health insurance information. The breach was first revealed in June, but the company did not initially disclose how many people were impacted.
According to a filing with the Iowa attorney general, the attackers may be linked to a known cybercriminal organization that has been actively targeting the insurance sector. Federal law enforcement agencies and third-party cybersecurity experts are assisting with the investigation.
Security researchers believe the attack may be connected to Scattered Spider, a loose group of mostly English-speaking hackers known for high-profile attacks on large companies. The group was actively targeting insurance firms around the time of the breach, increasing concerns about ongoing risks across the industry.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
