STOCK TITAN
  1. Home
  2. News
  3. AFL
  4. Aflac Incorporated Discloses Cybersecurity Incident

Aflac Incorporated Discloses Cybersecurity Incident

Rhea-AI Impact
(Low)
Rhea-AI Sentiment
(Negative)
Tags
Rhea-AI Summary
Aflac Incorporated (NYSE: AFL) disclosed a cybersecurity incident detected on June 12, 2025, where unauthorized access was gained through social engineering tactics. The company stopped the intrusion within hours and confirmed no ransomware was involved. The attack was part of a broader cybercrime campaign targeting the insurance industry. While business operations remain functional, preliminary findings indicate potentially compromised data includes claims information, health information, social security numbers, and personal information of customers, beneficiaries, employees, and agents. As a precautionary measure, Aflac is offering free 24-month credit monitoring, identity theft protection, and Medical Shield to affected individuals through a dedicated call center at 1-855-361-0305.
Aflac Incorporated (NYSE: AFL) ha comunicato un incidente di sicurezza informatica rilevato il 12 giugno 2025, in cui è stato ottenuto un accesso non autorizzato tramite tattiche di ingegneria sociale. L'azienda ha interrotto l'intrusione entro poche ore e ha confermato che non è stato coinvolto alcun ransomware. L'attacco faceva parte di una campagna di cybercrime più ampia rivolta al settore assicurativo. Sebbene le operazioni aziendali siano rimaste funzionali, le prime indagini indicano che i dati potenzialmente compromessi includono informazioni sulle richieste di risarcimento, dati sanitari, numeri di previdenza sociale e informazioni personali di clienti, beneficiari, dipendenti e agenti. Come misura precauzionale, Aflac offre gratuitamente per 24 mesi il monitoraggio del credito, la protezione contro il furto d'identità e Medical Shield alle persone coinvolte, tramite un call center dedicato al numero 1-855-361-0305.
Aflac Incorporated (NYSE: AFL) informó sobre un incidente de ciberseguridad detectado el 12 de junio de 2025, en el que se obtuvo acceso no autorizado mediante tácticas de ingeniería social. La compañía detuvo la intrusión en pocas horas y confirmó que no hubo ransomware involucrado. El ataque formaba parte de una campaña de ciberdelincuencia más amplia dirigida a la industria de seguros. Aunque las operaciones comerciales continúan funcionando, los hallazgos preliminares indican que los datos posiblemente comprometidos incluyen información de reclamaciones, datos de salud, números de seguridad social e información personal de clientes, beneficiarios, empleados y agentes. Como medida preventiva, Aflac ofrece 24 meses gratuitos de monitoreo de crédito, protección contra robo de identidad y Medical Shield a las personas afectadas a través de un centro de llamadas dedicado al 1-855-361-0305.
Aflac Incorporated(NYSE: AFL)는 2025년 6월 12일 사회공학 기법을 통한 무단 접근이 감지된 사이버 보안 사고를 공개했습니다. 회사는 수 시간 내에 침입을 차단했으며 랜섬웨어는 관련되지 않았음을 확인했습니다. 이번 공격은 보험 업계를 겨냥한 광범위한 사이버 범죄 캠페인의 일환이었습니다. 비즈니스 운영은 정상적으로 유지되고 있으나, 초기 조사 결과 청구 정보, 건강 정보, 사회보장번호 및 고객, 수혜자, 직원, 대리인의 개인 정보가 잠재적으로 유출된 것으로 나타났습니다. 예방 조치로 Aflac는 피해자들에게 24개월간 무료 신용 모니터링, 신원 도용 방지 및 Medical Shield 서비스를 전용 콜센터(1-855-361-0305)를 통해 제공하고 있습니다.
Aflac Incorporated (NYSE : AFL) a révélé un incident de cybersécurité détecté le 12 juin 2025, au cours duquel un accès non autorisé a été obtenu via des tactiques d'ingénierie sociale. L'entreprise a stoppé l'intrusion en quelques heures et confirmé qu'aucun ransomware n'était impliqué. Cette attaque faisait partie d'une campagne de cybercriminalité plus large visant le secteur de l'assurance. Bien que les opérations commerciales restent fonctionnelles, les premières constatations indiquent que les données potentiellement compromises incluent des informations sur les réclamations, des données de santé, des numéros de sécurité sociale et des informations personnelles de clients, bénéficiaires, employés et agents. Par mesure de précaution, Aflac offre gratuitement pendant 24 mois une surveillance de crédit, une protection contre le vol d'identité et Medical Shield aux personnes concernées via un centre d'appel dédié au 1-855-361-0305.
Aflac Incorporated (NYSE: AFL) gab am 12. Juni 2025 einen Cybersecurity-Vorfall bekannt, bei dem durch Social-Engineering-Taktiken unbefugter Zugriff erlangt wurde. Das Unternehmen stoppte den Einbruch innerhalb weniger Stunden und bestätigte, dass keine Ransomware beteiligt war. Der Angriff war Teil einer größeren Cyberkriminalitätskampagne, die die Versicherungsbranche ins Visier nahm. Obwohl der Geschäftsbetrieb weiterhin funktioniert, deuten erste Erkenntnisse darauf hin, dass möglicherweise Daten kompromittiert wurden, darunter Schadensmeldungen, Gesundheitsdaten, Sozialversicherungsnummern sowie persönliche Informationen von Kunden, Begünstigten, Mitarbeitern und Agenten. Vorsorglich bietet Aflac betroffenen Personen eine 24-monatige kostenlose Kreditüberwachung, Identitätsschutz und Medical Shield über ein spezielles Callcenter unter 1-855-361-0305 an.
Positive
  • Quick incident response - intrusion was stopped within hours of detection
  • Business operations remain fully functional with no ransomware impact
  • Company proactively offering free 24-month credit monitoring and identity protection services
  • Systems continue to process claims and underwrite policies without disruption
Negative
  • Unauthorized access gained to sensitive customer and employee data including SSNs and health information
  • Exact number of affected individuals still unknown
  • Part of a broader cybercrime campaign targeting insurance companies
  • Social engineering vulnerability exposed security weaknesses

Insights

Aflac's data breach exposes sensitive information, bringing regulatory risks and remediation costs despite prompt containment.

This cybersecurity incident at Aflac represents a significant security breach with potential material implications. While the company deserves credit for detecting and containing the intrusion within hours, the compromise of highly sensitive data—including health information and social security numbers—triggers substantial concerns. The unauthorized access to such regulated data likely activates reporting requirements under multiple state data breach notification laws and potentially HIPAA regulations.

The attack methodology aligns with current threat landscapes—social engineering remains one of the most effective vectors despite technological defenses. This speaks to the persistent challenge of the human element in security architectures. The fact that this was part of a broader campaign targeting multiple insurers suggests a sophisticated threat actor specifically targeting the sector for its valuable data assets.

Several key risk factors stand out from this disclosure: First, the potentially compromised data includes the most sensitive categories of personal information (health data, SSNs), which carry heightened regulatory scrutiny. Second, the offering of 24-month credit monitoring services indicates Aflac anticipates significant impact, as such services typically cost $10-25 per affected individual. Third, the lack of specificity regarding affected population size suggests the investigation remains in early stages.

While operations continuing without disruption is positive, and the absence of ransomware limits operational impact, the potential regulatory penalties, legal liabilities, remediation costs, and reputational damage cannot be overlooked. Similar incidents in the insurance sector have resulted in substantial financial impacts extending for multiple quarters.

COLUMBUS, Ga., June 20, 2025 /PRNewswire/ -- On June 12, 2025, Aflac Incorporated (NYSE: AFL) identified suspicious activity on our network in the United States. We promptly initiated our cyber incident response protocols and stopped the intrusion within hours. Importantly, our business remains operational, and our systems were not affected by ransomware. We continue to serve our customers as we respond to this incident and can underwrite policies, review claims, and otherwise service our customers as usual. This attack, like many insurance companies are currently experiencing, was caused by a sophisticated cybercrime group. This was part of a cybercrime campaign against the insurance industry. 

We have engaged leading third-party cybersecurity experts to support our response to this incident. While the investigation remains in its early stages, in the spirit of transparency and care for our customers, we are sharing that our preliminary findings indicate that the unauthorized party used social engineering tactics to gain access to our network. Additionally, we have commenced a review of potentially impacted files. It is important to note that the review is in its early stages, and we are unable to determine the total number of affected individuals until that review is completed. The potentially impacted files contain claims information, health information, social security numbers, and/or other personal information, related to customers, beneficiaries, employees, agents, and other individuals in our U.S. business. We remain committed to caring for and supporting our customers. While our teams work to review the potentially impacted data and determine the specific information involved, we are offering any individual who contacts our dedicated call center free credit monitoring and identity theft protection, and Medical Shield for 24 months. 

Please call our call center at 1-855-361-0305 which will open starting on June 20 at 8:00 a.m. Eastern Time. Our call center will be available Monday through Friday from 9:00 a.m. to 9:00 p.m. Eastern Time, Saturday from 9:00 a.m. to 5:30 p.m. Eastern Time and Sundays from 10:00 a.m. to 4:00 p.m. Eastern Time until the end of June and excluding major U.S. holidays. 

We regret that this incident occurred. We will be working to keep our stakeholders informed as we learn more and continue investigating the incident. 

ABOUT AFLAC INCORPORATED 
Aflac Incorporated (NYSE: AFL), a Fortune 500 company, has helped provide financial protection and peace of mind for nearly seven decades to millions of policyholders and customers through its subsidiaries in the U.S. and Japan. In the U.S., Aflac is the No. 1 provider of supplemental health insurance products.1 In Japan, Aflac Life Insurance Japan is the leading provider of cancer and medical insurance in terms of policies in force. The company takes pride in being there for its policyholders when they need us most, as well as being included in the World's Most Ethical Companies by Ethisphere for 19 consecutive years (2025) and Fortune's World's Most Admired Companies for 24 years (2025). In addition, the company became a signatory of the Principles for Responsible Investment (PRI) in 2021 and has been included in the Dow Jones Sustainability North America Index (2024) for 11 years. To find out how to get help with expenses health insurance doesn't cover, get to know us at aflac.com or aflac.com/español. Investors may learn more about Aflac Incorporated and its commitment to corporate social responsibility and sustainability at investors.aflac.com under "Sustainability."

LIMRA 2023 U.S. Supplemental Health Insurance Total Market Report 

Media Contact: mediarelations@aflac.com 

(PRNewsfoto/Aflac)

 

Cision View original content to download multimedia:https://www.prnewswire.com/news-releases/aflac-incorporated-discloses-cybersecurity-incident-302487036.html

SOURCE Aflac

FAQ

What type of data was compromised in the Aflac (AFL) cybersecurity incident?

The potentially compromised data includes claims information, health information, social security numbers, and personal information of customers, beneficiaries, employees, agents, and other individuals in Aflac's U.S. business.

How is Aflac (AFL) responding to the June 2025 cyber attack?

Aflac stopped the intrusion within hours, engaged cybersecurity experts, maintained business operations, and is offering 24-month free credit monitoring, identity theft protection, and Medical Shield to affected individuals.

What services is Aflac offering to those affected by the 2025 data breach?

Aflac is offering free 24-month credit monitoring, identity theft protection, and Medical Shield through their dedicated call center at 1-855-361-0305.

Was Aflac's business operations affected by the June 2025 cyber incident?

No, Aflac's business operations remain fully functional, with systems able to underwrite policies, review claims, and service customers as usual.

How did hackers gain access to Aflac's systems in the 2025 breach?

The unauthorized access was gained through social engineering tactics as part of a broader cybercrime campaign targeting the insurance industry.
Stock AFL logo
Aflac Inc

NYSE:AFL

AFL Rankings

#258 Ranked by Market Cap
#1393 Ranked by Dividends

AFL Latest News

May 6, 2025
Aflac expands partnership with Empathy to offer enhanced legacy planning services with LifeVault™
Apr 30, 2025
Aflac Incorporated Announces First Quarter Results, Reports First Quarter Net Earnings of $29 Million, Declares Second Quarter Dividend
Apr 23, 2025
9 in 10 Americans have put off health checkups and screenings that could help save their lives
Apr 3, 2025
Aflac Incorporated to Release First Quarter Results and CFO Video Update on April 30, 2025 and Host Webcast on May 1, 2025
Mar 18, 2025
TOGETHXR and Aflac Put More Ducks in a Row for Women's Sports

AFL Stock Data

54.79B
483.96M
10.32%
60.38%
1.67%
Insurance - Life
Accident & Health Insurance
Link
United States
COLUMBUS

Related Articles

Continue reading with these related stories

View All Latest News