Aflac Data Breach Exposes 22.65 Million Customers’ Personal Information
In June, U.S. insurance giant Aflac made headlines when it revealed that it had fallen victim to a data breach. Hackers managed to access customers’ personal information, including sensitive data such as Social Security numbers and health information. At the time, the company did not disclose the number of individuals affected by the breach.
Recently, Aflac confirmed that approximately 22.65 million people have been impacted by the cyberattack. The company has initiated the process of notifying these individuals about the breach.
According to a filing submitted to the Texas attorney general, the stolen data comprises customer names, dates of birth, home addresses, government-issued ID numbers (such as passports and state ID cards), driver’s license numbers, Social Security numbers, as well as medical and health insurance details.
In another filing with the Iowa attorney general, Aflac suggested that the cybercriminals involved in the breach could be associated with a known cyber-criminal organization. Law enforcement agencies and cybersecurity experts have indicated that this group may have been specifically targeting the insurance industry.
It is speculated that the group referred to by Aflac, known as Scattered Spider, a collective of young English-speaking hackers, was actively pursuing insurance companies during the time of the breach.
Despite multiple attempts to reach out for comment, a spokesperson for Aflac did not respond to JS’s inquiries regarding the incident.
With approximately 50 million customers, as stated on its official website, Aflac is one of the largest insurance providers in the United States.
Techcrunch Event
San Francisco
|
October 13-15, 2026
It’s important to note that Aflac was not the only insurance company affected by cyberattacks during this period. Other companies, such as Erie Insurance and Philadelphia Insurance Companies, also reported data breaches around the same time.
