Aflac Cybersecurity Incident: 22.6 Million Personal Data Stolen

Aflac data breach cybersecurity incident personal information stolen insurance industry cyberattacks data protection
Edward Zhou
Edward Zhou

CEO & Co-Founder

 
December 24, 2025 2 min read
Aflac Cybersecurity Incident: 22.6 Million Personal Data Stolen

TL;DR

  • Aflac experienced a major cybersecurity incident in June 2025, compromising the personal and sensitive data of 22.65 million individuals. The stolen information includes names, dates of birth, addresses, government IDs, Social Security numbers, and medical details. This breach is part of a broader trend targeting the insurance industry, prompting Aflac to offer credit monitoring and identity theft protection services to affected customers.

Aflac Data Breach Impacts 22.65 Million Individuals

Aflac, the insurance company, has announced that a cybersecurity incident in June 2025 affected the personal information of approximately 22.65 million individuals. The company disclosed the incident and has begun notifying those affected. More information is available on Aflac's website.

Details of the Breach

The stolen data includes:

  • Customer names
  • Dates of birth
  • Home addresses
  • Government-issued ID numbers (e.g., passports, state ID cards, driver’s licenses)
  • Social Security numbers
  • Medical and health insurance information

Aflac's filing with the Iowa attorney general indicates that the cybercriminals may be affiliated with a known cyber-criminal organization that has been targeting the insurance industry.

Aflac's Response

Following the detection of the breach, Aflac secured potentially impacted accounts, reset passwords, and increased monitoring for suspicious activity. Aflac's press release states that the company is not aware of any fraudulent use of personal information to date and will continue to monitor for such activity with third-party partners. The company also provided customers with credit monitoring, identity theft protection, and medical fraud protection. Further details can be found in their update.

Cybercrime Targeting Insurance Industry

Aflac noted that this attack was part of a broader cybercrime campaign against the insurance industry. Other insurance companies, such as Erie Insurance and Philadelphia Insurance Companies, have also experienced data breaches around the same time. The FBI's Internet Crime Complaint Center (IC3) has reported that personal data breaches are among the top cybercrimes. The IC3's "Internet Crime Report 2024" highlights that data breaches are a significant threat to critical infrastructure organizations.

Gopher Security's AI-Powered Zero-Trust Architecture

In light of increasing cyber threats, Gopher Security specializes in providing advanced cybersecurity solutions. Our AI-powered, post-quantum Zero-Trust architecture is designed to protect organizations from sophisticated cyberattacks. The platform converges networking and security across devices, apps, and environments, utilizing peer-to-peer encrypted tunnels and quantum-resistant cryptography. This ensures robust protection for endpoints, private networks, cloud environments, remote access, and containers.

Enhance Your Cybersecurity Posture: Contact Gopher Security

Protect your organization with Gopher Security's advanced cybersecurity solutions. Explore our offerings and contact us today to learn how our AI-powered, Zero-Trust architecture can safeguard your data and infrastructure. Visit https://gopher.security for more information.

Edward Zhou
Edward Zhou

CEO & Co-Founder

 

CEO & Co-Founder of Gopher Security, leading the development of Post-Quantum cybersecurity technologies and solutions.

Related News

Vulnerability Exploits Lead Cyber Intrusions in 2026 Trends
vulnerability exploits

Vulnerability Exploits Lead Cyber Intrusions in 2026 Trends

Exploits are now the top intrusion method, outpacing phishing. Discover why rapid vulnerability patching is critical and how to bolster your defenses. Read more!

By Edward Zhou March 4, 2026 4 min read
common.read_full_article
Google Dismantles IPIDEA, Major Proxy Network for 550+ Threats
Ipidea proxy network

Google Dismantles IPIDEA, Major Proxy Network for 550+ Threats

Google has disrupted Ipidea, a massive residential proxy network used by cybercriminals. Learn how this action impacts online security and what it means for threat actors. Read now!

By Brandon Woo February 27, 2026 4 min read
common.read_full_article
Pentagon Leaders Anticipate Cybercom 2.0 to Counter Chinese Threats
Cybercom 2.0

Pentagon Leaders Anticipate Cybercom 2.0 to Counter Chinese Threats

The Pentagon is overhauling its cyber defenses with Cybercom 2.0. Discover how specialization, AI, and innovation are reshaping the fight against threats like China's Volt Typhoon. Learn more!

By Jim Gagnard February 26, 2026 3 min read
common.read_full_article
FBI Seizes RAMP Ransomware Forum Linked to Cybercrime Operations
RAMP ransomware forum

FBI Seizes RAMP Ransomware Forum Linked to Cybercrime Operations

The FBI has successfully seized RAMP, a major dark web forum used by ransomware gangs. Discover the impact of this takedown on cybercrime operations. Read more!

By Brandon Woo February 23, 2026 3 min read
common.read_full_article