Aflac said Friday that it experienced a cybersecurity incident last week that may have impacted files containing social security numbers, health information and other personal information.
The insurance company first detected suspicious activity on its network last Thursday and “promptly initiated our cyber incident response protocols and stopped the intrusion within hours,” according to a press release.
“Importantly, our business remains operational, and our systems were not affected by ransomware,” it said. “We continue to serve our customers as we respond to this incident and can underwrite policies, review claims, and otherwise service our customers as usual.”
Aflac noted its preliminary findings suggest the perpetrators used social engineering tactics to gain access to its network. Because its review is still in the early stages, the company said it is unable to determine the total number of people impacted.
It is offering free credit monitoring, identity theft protection and Medical Shield for 24 months for those who reach out to the insurance firm’s call center.
“We regret that this incident occurred,” Aflac added. “We will be working to keep our stakeholders informed as we learn more and continue investigating the incident.”