.png)
Aflac Data Breach Investigation
Shamis & Gentile P.A., one of the nation's premier class action law firms specializing in data breach cases, is investigating the Aflac Incorporated data breach which has affected over two million Americans.
If you were affected by the data breach, your sensitive personally identifiable information may have been exposed, and you may be eligible for compensation.
About Aflac Incorporated
Aflac Incorporated is best known for providing supplemental insurance policies in the United States and Japan. Founded in 1955, it has a workforce of nearly 26,000 employees and operates through several subsidiaries, including American Family Life Assurance Company of Columbus, American Family Life Assurance Company of New York, and Continental American Insurance Company.
Aflac’s presence extends to millions of policyholders worldwide, making it one of the largest providers of supplemental health insurance.
What Happened?
On June 12, 2025, Aflac discovered suspicious activity on its network in the United States. The company initiated its cyber incident response protocols and was able to stop the intrusion within hours.
Initial investigations revealed that a sophisticated cybercrime group used social engineering tactics to gain unauthorized access to Aflac’s systems. The breach was part of a broader campaign targeting the insurance industry. After a thorough review, it was determined that over two million people in the United States were affected, including 2,055,982 in Texas, 61,869 in Rhode Island and 239,076 in Iowa.
Information Exposed:
- Name
- Contact information
- Date of birth
- Social Security number
- Tax ID number
- Health information
- Medical record number
- Date of service
- Health insurance ID number
- Other health insurance information
Aflac began notifying affected individuals by U.S. mail, email, and through a dedicated website. The company also reported the breach to multiple state and federal agencies, including the California, Rhode Island and Texas attorneys general, the U.S. Department of Health and Human Services, and the U.S. Securities and Exchange Commission.
Your Rights and Next Steps
If you received a notice from Aflac, it means your information may have been compromised in this breach. Even if you have not yet detected any signs of fraud or identity theft, it is important to take proactive steps to protect your personal information.
Aflac is offering 24 months of free credit monitoring, identity theft protection, and medical fraud protection through CyEx Medical Shield. These services include Experian credit monitoring, health insurance plan number monitoring, medical record number monitoring, real-time authentication alerts, dark web monitoring, and up to $1 million in identity theft insurance.
Affected individuals are encouraged to:
- Enroll in the free credit monitoring and identity theft protection services provided by Aflac
- Review credit reports and account statements for suspicious activity
- Place a fraud alert or security freeze on credit files if necessary
- Report any suspected identity theft to law enforcement and the Federal Trade Commission
Lawyers are ready to help those impacted by the breach understand their rights and explore potential legal options. If you believe your information was part of this incident, you may have the right to seek compensation for damages related to the exposure of your sensitive data.
You May Be Entitled to Compensation
If you were affected by the Aflac data breach, you may be eligible for compensation. Lawyers are investigating claims on behalf of individuals whose information was compromised. Completing the below form is the first step toward joining a potential lawsuit and protecting your rights.
.svg)