Aflac and Zurich have confirmed that millions of customers located in Japan were impacted after a third-party contractor used by both of the insurance multi-nationals was breached. Customer details were allegedly put up for sale after the incident. Although the breached supplier has not been named, Japanese media outlets claim that the company is based in the US. Overall, two million customers were impacted, including 1.3 million using Aflac’s cancer insurance policies and 760,000 Zurich auto-insurance users.
Information exposed during the data breach includes name, age, gender, policy number, insurance number, and coverage amount. The information could be used for further attacks against the customers such as phishing attempts, however, since no emails of contact information was exposed the chances are less likely. Aflac stated that the customer information has been deleted from the impacted server and that the insurer would be taking additional measures to prevent future incidents. In the Zurich incident, hackers accessed dates of birth, vehicle information, names, email addresses, customer IDs, and policy numbers. This data is more likely to be utilized by an attacker to target the victims.
Read More: Millions of Insurance Customers Compromised Via Supplier