Recommended reading

Aflac could be the latest US insurance giant hit by a Scattered Spider cyberattack

News
By published

Cybercrime group is hitting insurance firms across the US

Caution sign data unlocking hackers. Malicious software, virus and cybercrime, System warning hacked alert, cyberattack on online network, data breach, risk of website
(Image credit: sarayut Thaneerat/ via Getty Images)
  • Insurance giant AFLAC confirms it has been hit with a cyberattack
  • The attack looks to have been by notorious Scattered Spider group
  • Increasingly infamous group targeted multiple UK retailers earlier in 2025

AFLAC (American Family Life Assurance Company), has confirmed in a statement it has suffered a cyber ‘incident’ in which hackers intruded into its network.

AFLAC, the largest supplemental insurance provider in the US, says it was able to stop the intrusion ‘within hours’ and systems were not affected by ransomware.

Whilst AFLAC hasn’t confirmed the source of the breach or who was behind it, the breach exhibits all the signs of a Scattered Spider attack.

Save up to 68% on identity theft protection for TechRadar readers!

Save up to 68% on identity theft protection for TechRadar readers!

TechRadar editors praise Aura's upfront pricing and simplicity. Aura also includes a password manager, VPN, and antivirus to make its security solution an even more compelling deal.

Preferred partner (What does this mean?)

View Deal

A wider campaign

The name Scattered Spider will sound familiar to lots of readers, especially given that the group is allegedly behind major and disruptive breaches of UK retailers Marks and Spencer and Co-op, as well as luxury department store Harrods.

Google recently warned the group was aiming its sights on US firms, and urged the US insurance sector to be on high alert for social engineering and credential stuffing attacks.

Insurance companies are particularly at risk as they hold vast amounts of personal data and turn huge profits which can be exploited for ransom.

“This attack, like many insurance companies are currently experiencing, was caused by a sophisticated cybercrime group. This was part of a cybercrime campaign against the insurance industry,” AFLAC’s statement stated.

“The potentially impacted files contain claims information, health information, social security numbers, and/or other personal information, related to customers, beneficiaries, employees, agents, and other individuals in our U.S. business. We remain committed to caring for and supporting our customers.”

Anyone who uses any services hit by this group (or affected by any data breach) should be very wary of any unexpected communications, looking out for social engineering attacks, and should check out the best identity theft protection software to keep safe.

AFLAC is also offering 24 months of free credit monitoring and identity theft protection services for customers who contact their hotline following the breach.

Via BleepingComputer

You might also like

Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.