The health insurance company, serving approximately 50 million customers in the U.S., stated it is still to early to determine the extent of the breach and how many users were affected.

Earlier in the week, the Google Threat Assessment Group issued a warning about “multiple intrusions in the U.S.” exhibiting characteristics associated with Scattered Spider,a ransomware group known for targeting retailers like Marks & Spencer and hacking Las Vegas casinos in September 2023.

John Hultquist, Chief Google analyst, informed The Register that this cybercrime group typically concentrates on one sector at a time. He added,”the insurance industry should be on high alert,especially for social engineering schemes,which target thier help desks and call centers.” Social engineering involves hackers posing as tech support to obtain sensitive details.

Aflac confirmed that social engineering was the cause of the breach. The company clarified that the incident did not involve ransomware, and while they acknowledged a “refined cybercrime group” was responsible, they did not specifically name Scattered Spider.

“The insurance industry should be on high alert, especially for social engineering schemes, which target their help desks and call centers.”

In February 2024, Change Healthcare experienced the largest breach in U.S. healthcare history, impacting over a million users, according to the Department of Health and Health Services. Such incidents can expose medical records, credit card numbers, Social Security numbers, and driver’s licenses.

Aflac has assured its customers that the situation has been addressed using cyber-incident response protocols and that customer service operations will remain unaffected.