Aflac

Aflac Vendor Cyber Rating & Cyber Score

aflac.com

Over 50 Million people worldwide have chosen Aflac because of our commitment to providing customers with the confidence that comes from knowing they have assistance in being prepared for whatever life may bring. With Aflac, whether you're a large business or a small one, you can provide your employees with the kind of benefits they’d expect from a bigger company, helping your business stand out from the crowd. Hundreds of thousands of businesses across the United States already make Aflac available to their employees—at no direct cost to their company. Choose from a wide range of products that can help your employees with health events—from accidents, to disability, to cancer, to life insurance. Your employees enjoy benefits from Aflac,


Aflac A.I CyberSecurity Scoring

Aflac
Company Information
Website: https://www.aflac.com
Employees number: 18,043
Number of followers: 168,536
NAICS: 524
Industry Type: Insurance
Homepage: aflac.com
Aflac Risk Score (AI oriented)
Between 0 and 549
Aflac (Insurance)
Updated: 01/04/2026
491/1000
Critical
C
Aaa, Aa, A, Baa, Ba, B, Caa, Ca, C
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium

Aflac: Critical
Current Score: 491, C (CRITICAL)
0 to 1000
7 incidents
-71.6 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JUNE 2026
504 Before Incident
MAY 2026
500 Before Incident
APRIL 2026
496 Before Incident
MARCH 2026
487 Before Incident
FEBRUARY 2026
480 Before Incident
JANUARY 2026
546 Before Incident
Cyber Attack
13 Jan 2026, Aflac
Aflac, Jaguar Land Rover and Nucor: Major automaker hit by cyberattack, says incident 'severely disrupted' operations

Jaguar Land Rover Ransomware Attack

476 After Incident
CRITICAL, -70
AFLJAGNUC1768389868
Ransomware Attack Disrupts Jaguar Land Rover Operations as Cyber Threats Surge Across Industries

Jaguar Land Rover (JLR), the UK-based automaker owned by India’s Tata Motors, confirmed a ransomware attack that severely disrupted its retail and production operations. In a statement released Tuesday, the company revealed it had taken immediate action to contain the incident by proactively shutting down systems. While JLR reported no evidence of customer data theft, it is working to restore global applications in a controlled manner.

The attack is part of a broader wave of cyber incidents targeting critical industries. U.S. steelmaker Nucor also recently experienced a cybersecurity breach, forcing a shutdown of some production lines. The insurance sector has been particularly hard hit, with Aflac, Philadelphia Insurance Companies, and Erie Insurance all falling victim to attacks this summer. Grocery supply chains have not been spared: United Natural Foods Inc. (UNFI), a distributor for Whole Foods and other retailers, disclosed a cyber incident in July that temporarily disrupted operations. Meanwhile, the FBI issued a warning last month about the cybercriminal group "Scattered Spider," which has been targeting airlines. Hawaiian Airlines confirmed a June cybersecurity event affecting its IT systems, while Air France and KLM reported a data breach in their customer service platform.

The surge in attacks underscores the growing sophistication of threat actors and the widespread impact of ransomware on global operations.
INCIDENT DETAILS -
TYPE
Ransomware
IMPACT
Data Compromised: No evidence of customer data stolen
Systems Affected: Global applications
Operational Impact: Severely disrupted retail and production activities
DATA BREACH
Data Exfiltration: No evidence of data exfiltration
DECEMBER 2025
631 Before Incident
Breach
29 Dec 2025, Aflac
Aflac: Insurance Giant Aflac Confirms 22.65 Million Individuals Affected by June Cyberattack

Aflac Cyberattack and Data Breach

544 After Incident
CRITICAL, -87
AFL1768391547
Aflac Confirms Massive Data Breach Affecting 22.65 Million Individuals in June 2025 Cyberattack

Insurance giant Aflac has confirmed that a June 2025 cyberattack compromised the personal and sensitive data of approximately 22.65 million individuals, far exceeding the initial placeholder figure of 500 reported to the HHS’ Office for Civil Rights on August 8, 2025. The breach, detected on June 12, 2025, was contained within hours, but investigations later revealed that a threat actor gained access to multiple systems through social engineering attacks on user accounts.

Aflac, a Fortune 500 company specializing in supplemental health insurance with 50 million customers worldwide, operates subsidiaries in the U.S. and Japan. The compromised data includes names, addresses, dates of birth, government-issued IDs (passport, driver’s license, Social Security numbers), medical information, and health insurance details affecting customers, beneficiaries, employees, and agents in its U.S. business. While no misuse of the stolen data has been reported, Aflac is offering 24 months of complimentary credit monitoring and identity theft protection to affected individuals.

The attack is suspected to be the work of Scattered Spider, a financially motivated hacking group known for targeting critical sectors, including healthcare, insurance, and retail. The group, composed of young English-speaking hackers primarily based in the U.S. and U.K., has previously conducted social engineering campaigns against IT help desks and managed service providers (MSPs). The HHS’ Health Sector Cybersecurity Coordination Center (HC3) issued a warning about the group in October 2024, citing its growing threat to the healthcare and public health sectors.

This breach ranks among the largest U.S. healthcare data breaches of 2025, with over 20 class action lawsuits filed and regulatory investigations underway to assess Aflac’s compliance with data privacy laws. The incident follows similar attacks on other insurers, including Erie Insurance Group and Philadelphia Insurance Companies, suggesting a coordinated campaign against the industry. On August 28, 2025, Senators Bill Cassidy (R-La.) and Margaret Wood Hassan (D-N.H.) demanded further transparency from Aflac, requesting details on pre-attack security measures, federal notifications, and steps taken to improve cybersecurity protocols. Aflac has until September 5, 2025, to respond.

While ransomware was not deployed in this attack, Scattered Spider’s shift toward data theft and extortion signals an evolving threat to the insurance sector. The breach underscores the group’s ability to exploit social engineering for initial access, even against large, well-resourced organizations.
INCIDENT DETAILS -
TYPE
Data Breach
MOTIVATION
Financial Gain
IMPACT
Data Compromised: Names, addresses, dates of birth, government-issued ID numbers (passport, state ID, driver’s license), Social Security numbers, medical information, health insurance information
Systems Affected: Multiple Aflac systems
Operational Impact: No impact on business operations; continued underwriting policies, reviewing claims, and servicing customers
Brand Reputation Impact: Significant (over 20 class action lawsuits filed)
Legal Liabilities: Regulatory investigations initiated; potential fines under state and federal data privacy laws
Identity Theft Risk: High (complimentary credit monitoring and identity theft protection services offered for 24 months)
DATA BREACH
Personally Identifiable Information (PII)
Protected Health Information (PHI)
Number Of Records Exposed: 22,650,000
Sensitivity Of Data: High (government-issued IDs, Social Security numbers, medical information)
Data Exfiltration: Yes
Data Encryption: No
Personally Identifiable Information: Names, addresses, dates of birth, government-issued ID numbers, Social Security numbers
NOVEMBER 2025
575 Before Incident
OCTOBER 2025
652 Before Incident
Breach
14 Oct 2025, Aflac
Aflac

NC Woman Charged with 170 Felonies in Insurance Fraud and Identity Theft Involving Stolen GLP-1 Drugs

569 After Incident
HIGH, -83
AFL2462024101425
Aflac, a supplemental insurance provider, fell victim to a large-scale fraud scheme orchestrated by Heather Ann Robinson, who exploited stolen personal and financial information to file fraudulent insurance claims. Robinson, posing as a medical professional without credentials, illegally obtained and administered GLP-1 weight-loss drugs (e.g., Ozempic, Wegovy) while submitting false claims to Aflac and Colonial Life, defrauding them of $87,415—with an additional attempted theft of $157,300. The breach involved identity theft, including siphoning $46,614 from victims’ 401K accounts using compromised data, some sourced from family members. Investigators seized her devices, uncovering extensive evidence after a six-month analysis. While the article does not specify a direct cyberattack, the systematic misuse of stolen credentials and financial data—coupled with prior embezzlement allegations against Robinson—highlights vulnerabilities in Aflac’s fraud detection and customer data protection mechanisms. The incident underscores risks of insider-enabled fraud and third-party exploitation of sensitive policyholder information.
INCIDENT DETAILS -
TYPE
Fraud, Identity Theft, Insurance Fraud, Financial Crime
MOTIVATION
Financial Gain, Fraudulent Insurance Claims, Theft of Retirement Funds
IMPACT
Financial Loss: $134,014 (Insurance: $87,415 + 401K: $46,614)
Personally Identifiable Information (PII)
Financial Data (Credit Cards, 401K Access)
Medical/Insurance Claims Data
Revenue Loss: $87,415 (Fraudulent Claims Paid) + $157,300 (Attempted)
Tips Received by DOI (Triggered Investigation)
Potential Trust Erosion in Aflac/Colonial Life (Insurance Providers)
Negative Publicity for GLP-1 Drug Misuse
170 Felony Charges (Insurance Fraud, Identity Theft, Credit Card Fraud)
High (Stolen PII Used for 401K Theft)
High (Credit Card Fraud Charges)
DATA BREACH
PII (Family Members/Victims)
Financial Data (401K, Credit Cards)
Insurance Claims Data
Sensitivity Of Data: High (Financial, Medical, PII)
Physical (Laptop/Cellphone Seizure)
Unauthorized Access to 401K Accounts
Names
Financial Account Details
Insurance Policy Information
SEPTEMBER 2025
651 Before Incident
AUGUST 2025
648 Before Incident
JULY 2025
646 Before Incident
JUNE 2025
701 Before Incident
Breach
16 Jun 2025, Aflac
Aflac

Transition to Passwordless Authentication with Passkeys and Security Implications

642 After Incident
HIGH, -59
AFL4392343092525
Aflac, a leading US insurance provider, became the first major insurance company to adopt passkeys as part of its passwordless authentication strategy. While the transition significantly improved security—reducing password recovery requests by 32% and eliminating 30,000 identity-related support calls monthly—the article highlights broader industry risks tied to stolen credentials, which remain a dominant attack vector. Verizon’s 2025 Data Breach Investigations Report reveals that 88% of breaches involve compromised credentials, often obtained via phishing, brute force, or credential stuffing. The shift to passkeys mitigates such risks by eliminating password-based vulnerabilities, but the article implies that legacy systems, hybrid authentication models, or incomplete adoption could still expose Aflac to residual threats. For instance, if passkey implementation faces device dependency issues, compatibility gaps with older systems, or user resistance, attackers might exploit fallback password mechanisms or unpatched vulnerabilities in transitional infrastructure. While Aflac’s proactive move reduces attack surfaces, the potential for credential-theft-driven breaches persists in hybrid environments, particularly if employees or third-party vendors rely on traditional authentication for certain services.
INCIDENT DETAILS -
TYPE
Authentication Security Improvement, Cybersecurity Trend Analysis
MOTIVATION
Improving Security Posture, Reducing Support Costs, Enhancing User Experience
IMPACT
Reduction in Password Recovery Requests (32% drop for Aflac)
Decrease in Identity-Related Support Calls (~30,000 fewer calls monthly for Aflac)
Positive perception of enhanced security measures
Reduced due to elimination of password-based vulnerabilities
JUNE 2025
760 Before Incident
Breach
12 Jun 2025, Aflac
Aflac: Aflac hit by cyberattack amid broader insurance sector targeting

Aflac Cybersecurity Breach Linked to Scattered Spider

701 After Incident
CRITICAL, -59
AFL1770237527
Aflac Hit by Cyberattack as Scattered Spider Targets Insurance Sector

Aflac, a major U.S. insurance provider, disclosed a cybersecurity breach on June 12, linking the incident to the cybercrime group Scattered Spider. Known for its advanced social engineering tactics, the group has increasingly targeted financial services and insurance firms, with recent attacks also affecting Erie Insurance, which now faces a proposed class-action lawsuit over alleged inadequate security measures.

The breach at Aflac was detected and contained within hours, though the investigation, supported by external cybersecurity experts, remains ongoing. Initial findings suggest the attackers gained access through social engineering rather than ransomware. While Aflac’s core operations, including claims processing and customer service, remain unaffected, the exposed data may include claims records, health details, Social Security numbers, and personal information tied to policyholders, beneficiaries, employees, and agents.

Aflac has not yet determined the full scope of the breach or the number of affected individuals but is offering 24 months of complimentary credit monitoring, identity theft protection, and Medical Shield coverage to those who contact its call center. The incident reflects a broader trend of cyber threats exploiting both malicious attacks and internal vulnerabilities, such as software misconfigurations.

The breach follows a pattern of recent intrusions against insurers, underscoring the sector’s growing appeal to sophisticated threat actors. Aflac continues to assess the impact and will provide updates as the investigation progresses.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Claims records, health details, Social Security numbers, personal information
Operational Impact: Core operations (claims processing and customer service) remain unaffected
Identity Theft Risk: High
DATA BREACH
Claims records, health details, Social Security numbers, personal information
Sensitivity Of Data: High
Personally Identifiable Information: Yes
MAY 2018
730 Before Incident
Breach
01 May 2018, Aflac
Aflac

Aflac Insurance Company Data Breach

671 After Incident
MEDIUM, -59
AFL17551822
Aflac insurance company has encountered a breach of personal data that has exposed the email accounts belonging to a small number of independent contractor sales agents. Clients' personal information such as names, addresses, dates of birth, policy numbers, social security numbers, and bank account information may have been exposed. The unauthorized access to email accounts happened between Jan. 17 and April 2. The company took immediate action by resetting passwords, isolating specific email accounts and contacting the affected insurance agents. Aflac has stated that they are unaware of any misuse of personal or health information at this time.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
names, addresses, dates of birth, policy numbers, social security numbers, bank account information
Systems Affected: Email Accounts
DATA BREACH
personal information, health information
Sensitivity Of Data: High
names, addresses, dates of birth, policy numbers, social security numbers, bank account information
SEPTEMBER 2017
778 Before Incident
Breach
01 Sep 2017, Aflac
American Family Life Assurance Company of Columbus and Continental American Insurance Company

Aflac Data Breach Involving Microsoft Office 365 Email Accounts

722 After Incident
CRITICAL, -56
AFL230090725
The California Office of the Attorney General disclosed a data breach at Aflac, where unauthorized actors potentially accessed Microsoft Office 365 email accounts of some sales agents. The breach spanned from September 8, 2017, to May 9, 2018, though the exact number of affected individuals remains undetermined. The compromised data may have included highly sensitive personal and financial information, such as names, addresses, dates of birth, policy numbers, and Social Security numbers (SSNs). The prolonged exposure period increases the risk of identity theft, financial fraud, or misuse of the stolen data. While the breach was limited to sales agents' accounts, the nature of the exposed information—particularly SSNs—poses significant long-term risks to both employees and customers whose data may have been stored or transmitted via these accounts. The incident underscores vulnerabilities in third-party email systems and the critical need for robust monitoring to detect and mitigate unauthorized access promptly.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
names, addresses, dates of birth, policy numbers, social security numbers
Microsoft Office 365 email accounts
Identity Theft Risk: High (PII exposed)
DATA BREACH
PII (Personally Identifiable Information)
Number Of Records Exposed: Unknown
Sensitivity Of Data: High
Data Exfiltration: Possible
names, addresses, dates of birth, policy numbers, social security numbers
