Hackers breach Aflac customer database exposing 4.38 million personal records
Aflac has disclosed a customer database breach reportedly exposing approximately 4.38 million personal records, with reporting concentrated on the carrier's Japan operations alongside its US parent. Initial coverage is consistent with a large-scale cybercriminal data exfiltration event; no attack vector, threat actor, data-type breakdown, ransom demand, or loss figure has been publicly confirmed.
AI-generated from linked source reports. See our correction policy.
Impact verdict
Medium impact. Loss pathway centres on first-party cyber response costs (forensics, notification, credit monitoring), third-party privacy liability and class-action exposure for 4.38 million affected policyholders, and potential regulatory penalties across US and Japanese jurisdictions. A breach of this scale at a publicly traded supplemental health insurer is plausibly consistent with an aggregated insured loss in the USD 100m to USD 1bn band through cyber and privacy liability towers, but no loss figure, business-interruption confirmation, ransom demand, or data-type detail has been confirmed; banding is set on scale-and-line plausibility rather than a stated quantum.
View assessment methodologyPremium discovery tier
Unlock analyst briefs, intelligence depth, and the revision timeline
Public pages show event facts and a short lead-in. Premium accounts unlock analyst briefs, deeper intelligence, loss context, and the full revision history for this event.
Start two-week trialGeographic Zone Matches
3 active matches
- TRIA Certified AreasRule-basedConfidence 100%
- Pacific Ring of FireRule-basedConfidence 100%
- Caribbean Hurricane ZoneRule-basedConfidence 100%
Geographic zone matches are RiskEvents spatial/analytical indicators, not coverage determinations or Lloyd's official classifications.
Affected countries
Lloyd's classifications
Tracking this kind of risk? Get an email when Cyber events escalate.
Get alerts