Aflac, the largest US insurance provider for supplemental health insurance, has been breached by a sophisticated cybercrime group known as Scattered Spider. The hackers potentially stole sensitive information including Social Security numbers, insurance claims, and health records.
The incident is part of a spree of hacks against the US insurance industry, leaving many companies on edge. Other affected companies include Erie Insurance and Philadelphia Insurance Companies. Aflac stated that it stopped the intrusion within hours after discovering the breach last week, without deploying ransomware, and continues to serve its customers.
Scattered Spider, a young and aggressive cybercrime group, used social engineering tactics to gain access to Aflac’s network. They posed as tech support to infiltrate big corporations. The group has been linked to previous multimillion-dollar hacks on Las Vegas casinos and hotels, and is known for targeting multiple industries simultaneously.
Cybersecurity experts warn that Scattered Spider poses a significant threat due to its speed and unpredictability. If you suspect your industry is being targeted by Scattered Spider, contact authorities immediately. The group’s tactics include registering web domains that resemble trusted IT support websites, making it difficult for companies to distinguish between legitimate and malicious communications.
Source: https://edition.cnn.com/2025/06/20/tech/aflac-cyberattack