Close Menu
  • Home
  • News
  • Cyber Security
  • Internet of Things
  • Tips and Advice

Subscribe to Updates

Get the latest creative news from FooBar about art, design and business.

What's Hot

NCSC Shares Tips on How to Make a Pen Tester’s Job Harder

July 2, 2026

Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs

July 2, 2026

Insurance Giant Aflac Discloses Data Breach Impacting Millions

July 2, 2026
Facebook X (Twitter) Instagram
Thursday, July 2
Facebook X (Twitter) Instagram Pinterest Vimeo
Cyberwire Daily
  • Home
  • News
  • Cyber Security
  • Internet of Things
  • Tips and Advice
Cyberwire Daily
Home»News»Insurance Giant Aflac Discloses Data Breach Impacting Millions
News

Insurance Giant Aflac Discloses Data Breach Impacting Millions

Team-CWDBy Team-CWDJuly 2, 2026No Comments3 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
Share
Facebook Twitter LinkedIn Pinterest Email


US insurer Aflac has disclosed a major data breach after hackers managed to access highly sensitive personal and financial information.

The company’s Aflac Japan subsidiary discovered the intrusion on June 25, it said in a filing with the SEC yesterday (June 30). It explained that an “unauthorized third party” had accessed certain systems between June 15 and June 25.

“Although the investigation remains ongoing, Aflac Japan has determined that certain impacted files contain policy and coverage details, personal information, and bank account information,” it revealed.

“This incident is limited to systems in Japan, the company’s systems related to its US business were not accessed by the unauthorized third-party. At this time, the full scope and potential ultimate impact on the company are not known.”

Read more on insurance sector breaches: Third-Party Breach Impacts Majority of Allianz Life US Customers.

A statement posted on Aflac Japan’s website revealed that the incident impacted the firm’s customer portal.

“Please note that some systems are currently shut down to prevent the spread of unauthorized access,” it said (via Google Translate). “However, inquiries and procedures, including claims for insurance benefits and other payments, are being handled as usual through our call center and other channels.”

Among the services currently out of action are reservations for medical check-ups and health screening, and the firm’s AI support concierge.

According to local reports, personal and financial information on nearly 4.4 million customers has been compromised. This includes information about the premium payment accounts of around 230,000 customers.

Another Scattered Spider Attack?

This isn’t the first time Aflac Japan has suffered at the hands of threat actors.

In 2023, Aflac Japan customers’ details were stolen and put up for sale after a third-party US contractor was reportedly breached.

A year ago, the firm suffered another data breach which was claimed to be part of a wider campaign  targeting US insurers thought to be the work of the Scattered Spider group.

Joshua Roback, principal security solution architect at Swimlane, said the latest compromise could also be linked to the notorious extortion group.

“Large insurers are sprawling ecosystems of subsidiaries, support teams, legacy platforms and regional workflows. That gives threat actors more places to test access, reuse lessons from prior campaigns and search for the fastest path back to valuable data,” he said.

“The answer is not just more alerts. Security teams need connected workflows that can turn a signal in one part of the business into action everywhere else. Agentic AI and automation can help prioritize the riskiest activity, trigger containment steps and keep remediation moving before attackers get comfortable.”

Aflac Japan has notified the relevant authorities and claimed that “no misuse of the information related to this incident has been confirmed.”

Image credit:  yu_photo / Shutterstock.com



Source

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleThe Next Layer of Identity Governance
Next Article Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs
Team-CWD
  • Website

Related Posts

News

NCSC Shares Tips on How to Make a Pen Tester’s Job Harder

July 2, 2026
News

Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs

July 2, 2026
News

The Next Layer of Identity Governance

July 2, 2026
Add A Comment
Leave A Reply Cancel Reply

Latest News

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

November 24, 202522 Views

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

September 7, 202517 Views

North Korean Hackers Target Crypto Firms with ClickFix and Zoom Lures

April 29, 202610 Views

Why SOC Burnout Can Be Avoided: Practical Steps

November 14, 20259 Views

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

December 1, 20258 Views
Stay In Touch
  • Facebook
  • YouTube
  • TikTok
  • WhatsApp
  • Twitter
  • Instagram
Most Popular

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

November 24, 202522 Views

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

September 7, 202517 Views

North Korean Hackers Target Crypto Firms with ClickFix and Zoom Lures

April 29, 202610 Views
Our Picks

Look out for phony verification pages spreading malware

September 14, 2025

How to help older family members avoid scams

October 31, 2025

Beware of threats lurking in booby-trapped PDF files

October 7, 2025

Subscribe to Updates

Get the latest news from cyberwiredaily.com

Facebook X (Twitter) Instagram Pinterest
  • Home
  • Contact
  • Privacy Policy
  • Terms of Use
  • California Consumer Privacy Act (CCPA)
© 2026 All rights reserved.

Type above and press Enter to search. Press Esc to cancel.