On June 12, 2025, Aflac identified suspicious activity on its U.S. network and promptly initiated its cyber incident response protocols. The company responded quickly, containing the intrusion within hours. No ransomware was involved, and all core business functions—including underwriting, claims processing, and customer service—continue to operate normally.
The attack appears to be part of a broader campaign by a sophisticated cybercrime group targeting the insurance and financial services sector. Aflac. The attack seems to be part of a larger campaign by a skilled cybercrime group targeting the insurance and financial services industries. Aflac has hired top third-party cybersecurity experts to investigate the incident, contain any additional risks, and assist with mitigation efforts. Early findings suggest that the attackers used social engineering tactics to gain unauthorized access to internal systems.has engaged leading third-party cybersecurity experts to investigate the incident, contain any further risk, and support mitigation efforts. Preliminary findings indicate that the attackers used social engineering tactics to gain unauthorized access to internal systems.
Aflac has started reviewing files that may have been accessed during the breach. These files might contain sensitive personal information, such as claims data, health records, Social Security numbers, and other identifiers related to customers, policyholders, beneficiaries, employees, and agents. Although the full scope of the breach is still being determined, Aflac is offering 24 months of free credit monitoring, identity theft protection, and coverage to individuals who contact the company’s dedicated response center.
The call center will open on June 20 at 8:00 a.m. Eastern Time and can be reached at 1-855-361-0305. Support will be available Monday through Friday from 9:00 a.m. to 9:00 p.m., Saturday from 9:00 a.m. to 5:30 p.m., and Sunday from 10:00 a.m. to 4:00 p.m., excluding major U.S. holidays.
The financial services industry remains one of the most frequently targeted sectors for cyberattacks. With access to highly sensitive data and critical infrastructure, financial firms are desirable targets for cybercriminals employing advanced tactics such as phishing, credential theft, and data exfiltration. Even a brief disruption or breach can have significant reputational, legal, and operational consequences.
At Topgallant Partners, we specialize in helping financial and insurance organizations defend against precisely these types of threats. Our cybersecurity services include proactive risk assessments, internal and external penetration testing, phishing resilience training, and compliance readiness for regulations such as GLBA, FTC Safeguards, and HIPAA. We partner with institutions to build layered security defenses that detect threats early and respond with precision. Our goal is to help clients stay protected, compliant, and prepared in a rapidly evolving threat landscape.
Learn more about our Services here https://topgallant-partners.com/cyber-security/
As the investigation continues, Aflac has committed to transparency and will provide updates as more information becomes available.
More information about the Attack can be found Here https://www.prnewswire.com/news/aflac/
0image sources
- White Goose: Photo by Engin Akyurt | All Rights Reserved
