Aflac has disclosed a recent data breach in its U.S. network, raising concerns about the exposure of Social Security numbers, health records, and other sensitive personal information. The insurance giant called the incident part of a larger cybercrime campaign targeting the insurance industry.
According to a company statement issued on Friday, the unauthorized intrusion was identified and stopped within hours. Despite the rapid response, Aflac is still investigating the full scope of the breach and has yet to determine how many individuals were affected.
The compromised files reportedly contain data tied to customers, beneficiaries, employees, agents, and other individuals connected to Aflac’s U.S. business operations. The potentially exposed information includes claims data, health records, and Social Security numbers.
In response, the Columbus, Georgia-based insurer is offering 24 months of free credit monitoring, identity theft protection, and Medical Shield to anyone concerned about their data. Impacted individuals are encouraged to contact Aflac’s customer service center to enroll in these services.
Cyberattacks on the Rise Across Industries
This breach adds Aflac to a growing list of companies hit by sophisticated cyberattacks in recent months. While data breaches have plagued organizations for years, recent incidents targeting retailers and logistics firms have pushed cybersecurity issues into the spotlight.
For example, United Natural Foods, a major distributor for grocers like Whole Foods, recently reported that a cyberattack disrupted its order systems, leaving store shelves short on products. In the U.K., a cyberattack forced Marks & Spencer’s website offline for over six weeks, while Co-op stores reported empty shelves following similar disruptions.
Victoria’s Secret also experienced a breach last month that forced it to shut down its U.S. shopping site and delay quarterly earnings due to system-wide impacts. Meanwhile, The North Face reported a credential stuffing attack affecting 1,500 consumers, although no financial data was compromised.
Aflac Urges Vigilance as Investigation Continues
Aflac emphasized that its core operations remain functional, including the ability to underwrite policies, process claims, and assist customers without interruption. While full details remain under review, the company is moving quickly to notify impacted individuals and reinforce its systems.
Cyberattacks targeting insurers are particularly damaging due to the sensitive nature of the data they hold. With this latest Aflac data breach, the insurance industry faces renewed pressure to harden defenses and prioritize data governance.
As the situation unfolds, Aflac is urging anyone concerned about their data to reach out for support and take advantage of the identity protection resources being provided.
