Cyberattacks on insurance companies in the U.S. are continuing as Aflac reported to the Securities and Exchange Commission (SEC) on June 20 that it discovered an attack on its network June 12.The company said the recent attack — like many others U. S. insurance companies are experiencing — was caused by a sophisticated cybercrime group via social engineering tactics.“This was part of a cybercrime campaign against the insurance industry,” said Aflac in a Friday press release.Aflac told its customers that the company contained the attack "within hours" and that its systems were not affected by ransomware. However, the company said the following file types were potentially impacted: claims information, health information, Social Security numbers, and/or other personal information, related to customers, beneficiaries, employees, agents, and other individuals in its U.S. business.While Aflac did not disclose which group was responsible, nor how many customers were affected, the news was four days after the Google Threat Intelligence Group said it was aware of “multiple” intrusions into U.S. insurance firms that bear the hallmarks of the Scattered Spider ransomware group.The June 16 news represented a shift from Scattered Spider’s recent focus on retail operations, most notably attacks on Marks & Spencer in the UK and Victoria’s Secret in the United States.Previously reported attacks on the insurance industry include an attack on Erie Insurance, first reported on June 8, and an attack on the insurance arm of Swedish manufacturer Scania, reported on June 16.Chris Gray, Field CTO at Deepwatch, said the attacks are certainly a continuation of the previously reported attacks on the insurance industry, as well as those conducted earlier against retail. That said, we have to view them for what they are: an evolution.“The attackers, whoever they are, won't keep using the same methodologies,” said Gray. “While we've got to learn from the past efforts, security teams have to put on their detective hats.”Gray added that the attacks indicate a shift to target the most vulnerable and malleable security tool at organizations: people. Anyone who has ever seen people cheer because they scored a 70% on an anti-phishing training exam understands the problem here, said Gray. "You may have passed on a high school test scale, but you gave away your identity and finances,” said Gray. “Anything less than a 100% is a fail.”Ted Miracco, chief executive officer at Approov, said Alfac’s swift response and transparent disclosure following the June 12 breach are both commendable and somewhat atypical. He said the use of social engineering to gain network access is part of a growing trend we’re seeing across the insurance and broader financial services sector.“These attacks are often aided by agentic AI, as attackers are targeting the human element, at scale, to bypass perimeter defenses and exfiltrate sensitive data such as health records and social security numbers,” said Miracco. “This reinforces the urgent need for a layered security approach, particularly in mobile-first environments, where phishing-resistant authentication, runtime app protection, and robust API shielding are most essential.”
Vulnerability Management, Breach, Threat Intelligence
Aflac among victims in cyberattacks targeting US insurance industry
(Adobe Stock)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds