Aflac, the largest provider of supplemental insurance in the United States, has disclosed a cyberattack that affected its systems, according to a June 12, 2025, SEC filing.

Although business operations were not disrupted, the company activated its cybersecurity protocols and contained the breach within hours. Early investigations confirmed that ransomware was not deployed; however, sensitive data may have been exposed. Aflac is working with cybersecurity experts to assess the breach’s impact and has pledged to notify affected individuals and provide complimentary identity protection services.

Preliminary findings suggest the compromised data may include names, Social Security numbers, health and claims information, and other personal details related to customers, employees, and agents. Aflac stated the attack was part of a broader cybercrime campaign targeting the insurance sector. Similar breaches occurred at other U.S.-based insurers such as Erie Insurance Group and Philadelphia Insurance Companies. None of the incidents involved ransomware encryption, only data theft—suggesting a shift in tactics by sophisticated threat actors.

Cybersecurity researchers believe the group behind the attacks may be Scattered Spider, a known threat actor responsible for prior data breaches in the retail sector. According to the Google Threat Intelligence Group and ReliaQuest, the group is now focused on insurance firms and their IT service providers. While attribution has not been confirmed, the coordinated nature of these incidents signals an urgent need for the insurance industry to strengthen its cyber defenses and remain vigilant against emerging threats.