In June, U.S. insurance giant Aflac disclosed a data breach where hackers stole customers’ personal information, including Social Security numbers and health information, without saying how many victims were affected.
On Tuesday, the company confirmed it has begun notifying around 22.65 million whose data was stolen during the cyberattack.
In a filing with the Texas attorney general, Aflac said that the stolen data includes customer names, dates of birth, home addresses; government-issued ID numbers (such as passports and state ID cards) and driver’s license numbers, and Social Security numbers; as well as medical and health insurance information.
And, in a filing with the Iowa attorney general, Aflac said that the cybercriminals responsible for the breach “may be affiliated with a known cyber-criminal organization; federal law enforcement and third-party cybersecurity experts have indicated that this group may have been targeting the insurance industry at large.”
Given that Scattered Spider, an amorphous collective of primarily young English-speaking hackers, was targeting the insurance industry at the time of the breach, it’s likely that this is the group Aflac is referring to.
A spokesperson for Aflac did not respond to TechCrunch’s request for comment.
The company says it has around 50 million customers according to its official website.
Aflac was one of several insurance companies hacked at around the same time, including data breaches at Erie Insurance and Philadelphia Insurance Companies.
https://www.yahoo.com/news/articles/us-insurance-giant-aflac-says-171404777.html
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.