Aflac said Friday that cybercriminals violated their computer systems, possibly revealing some of the most personalized data from a large group of Americans, including social security numbers and health care information, and tagged the latest information in a series of recent online attacks against insurers.
The Columbus, Georgia-based insurance provider said it detected suspicious activity on its U.S. network, responded quickly and managed to stop online intruders “within hours.” Aflac added that its business is still operating and its system is not infected with ransomware.
Aflac is by far the latest largest insurance company for cybercriminals to date. Philadelphia Insurance and Yili Insurance were attacked by cyber attacks this month and have not resumed all operations.
“Like the attacks many insurers are currently experiencing, it is caused by a complex cybercrime group,” Afrak said in a statement. “It is part of a cybercrime campaign targeting the insurance industry.”
Aflac said it is working with external cybersecurity experts to investigate violations. This is in the process of determining which documents may be damaged and those who may be affected. Affected documents may include customer data such as social insurance numbers, insurance claims, health information and other personal details. Information about AFLAC’s employees, agents and others involved in U.S. operations could also be compromised, the company said.
Although the investigation is still in its early stages, Aflac said that attackers seem to gain access to the network through social engineering attacks, rather than breaking into computer systems, attackers often trick employees into cheating their legal registration rates like executives or IT workers.
John Hultquist, chief analyst at Google Threat Intelligence Group, said the recent attacks against insurers “bearable all the signs of the scattered spider-web cybercrime group”, which is linked to high-profile attacks on financial services, telecommunications, Las Vegas casinos and hotels.
“Given the actor’s history of focusing on one industry at a time, the insurance industry should be on high alert, especially for the social engineering program targeting its help desks and call centers,” Hultquist said in a statement.
While it has not been determined who is affected and how severe the damage may be, AFLAC has taken non-contractual steps to provide free credit monitoring, identity theft protection and medical shield coverage for 24 months, providing 855-361-0305 customers to clients contacting their call centers.
Aflac is the largest supplemental health insurance provider in the United States, with a global customer base of about 50 million people.
