Quack Attack: Aflac Breach Leaves Millions Exposed in Targeted Cyberattack

Published: August 16, 2025 on our newsletter Security Fraud News & Alerts Newsletter.

You’re not quackers, really. However, if you use that supplemental “duck” insurance, there’s information you should know. On June 12, 2025, Aflac detected unauthorized access to its U.S. network. The company quickly initiated its incident response protocols and halted the intrusion within hours. While operations remained fully functional and no ransomware was deployed, cybercriminals managed to access sensitive files.

Who got quacked

Though Aflac is still reviewing impacted files and hasn’t disclosed the exact number of affected individuals, it acknowledged that the breach potentially impacted customers, beneficiaries, employees, agents, and other individuals tied to its U.S. operations. The compromised data includes:

• Names and Social Security numbers

• Health and medical claims information

• Additional personal identifiers related to insurance coverage.

Why it matters to you

The breach is part of a broader wave of cyberattacks on the insurance industry, likely orchestrated by the Scattered Spider group—a threat actor known for slick social engineering tactics, including fake tech-support calls aimed at tricking employees into granting access. Everyone should be aware of these and know how to avoid them.

What victims need to do

• Accept Aflac’s offer of complimentary credit monitoring, identity-theft protection, and Medical Shield coverage for 24 months. If you already have coverage from another incident and you have time to wait on this one, wait. Enable it once your other coverage expires, but be sure to check when Aflac’s offer to sign up expires so you can enable it before that.

• Monitor credit reports for unusual activity—look out for new accounts or odd inquiries. If anything at all is off, contact the credit reporting agency to find out what it is and to get it corrected.

• Consider freezing your credit with the three major bureaus to prevent unauthorized accounts. You have to go to each company individually to do this: Experian, TransUnion, and Equifax.

• Be alert to phishing attempts—attackers may use stolen data to craft convincing scams. If they make it sound urgent or too good to be true, you can bet it’s a scam.

• Enable fraud alerts on financial accounts and insurance portals. These will let you know right away if someone tries to open an account using your credit information. They will not prevent it. It just gives you a head’s up.

• Change passwords and enable multi-factor authentication for any Aflac-related or linked services. Use strong and unique passwords on all accounts.

While stopping the breach quickly was critical, recovery and monitoring are ongoing. Even if you haven’t heard from Aflac directly, staying proactive with credit vigilance and protective tools can mitigate long-term risks. Prompt action now can help safeguard your identity.

Keep up to date: Sign up for our Fraud alerts and Updates newsletter

Want to schedule a conversation? Please email us at advisor@nadicent.com