Skip to content
  • All News
  • Regional News
    • Southeast Asia News
    • South Asia News
    • Northeast Asia News
    • Australasia News
  •   Awards
  • Events
    • Southeast Asia Events
    • South Asia Events
    • Middle East Events
    • Northeast Asia Events
    • Australasia Events
    • Past Events
  • On-Demand
  • Our Story
  • Contact Us
Menu
  • All News
  • Regional News
    • Southeast Asia News
    • South Asia News
    • Northeast Asia News
    • Australasia News
  •   Awards
  • Events
    • Southeast Asia Events
    • South Asia Events
    • Middle East Events
    • Northeast Asia Events
    • Australasia Events
    • Past Events
  • On-Demand
  • Our Story
  • Contact Us
Member Login & Register Beta
Login
Northeast Asia News

Aflac & Zurich Insurance Customers in Japan have had Millions of Data Leaked

The Japanese customers of two large insurance companies Aflac and Zurich have had their personal information leaked after the breach of a third-party service provider. The attacked provider has not been identified, and neither company would comment on whether the two attacks were related. Each company, however, issued statements this week alerting their customers that their information had been made public.

According to Jon Sullivan, Aflac director of communications, they recently learned about a “data-related incident” involving customers from Japan. About 1.3 million customers were impacted by the incident, which was brought on by a file transfer server vulnerability and started with a subcontractor of a third-party vendor utilized by Aflac Japan for marketing purposes.

“The data, which did not include personally identifiable information (PII), was posted on a dark website. This incident was confined to Aflac Japan and did not involve data related to U.S. operations or customers.” said Sullivan

The company said in a statement that it intended to get in touch with each customer separately to outline the support options available to them. The vulnerability was found on January 9. They claimed in the letter that they had examined the dark web post and verified the data’s affiliation with their company. Names, ages, genders, insurance types, insurance numbers, rates, and further plan details were all included in the data.

According to the press release, which includes a number to a contact center with more information, all of those affected—1,323,468 people—had one of three types of cancer insurance coverage. In order to prevent future thefts, Aflac said that it had deleted the stolen data from the third-party server.

A spokesperson for Zurich Insurance Group stated that the company is also aware that Japanese customer data has been stolen and made public, attributing it in a manner similar to that of the first statement. Along with starting the process of alerting Japanese customers, they have gotten in touch with regulators and authorities.

“There is no indication that any customer data outside of Japan have been compromised, nor indication of any compromise of Zurich internal systems. Initially, it was falsely reported that 2.6 million customers were affected by the data breach. It has since been clarified that 757,463 ‘Super Automobile Insurance’ customers (a local motor insurance product) have been affected.” the spokesperson said.

Names, policy numbers, customer IDs, emails, dates of birth, and further vehicle information are among the stolen data..

According to Lior Yaari, CEO of Grip Security, the incident served as yet another illustration of the risk that big businesses run when they commit their customers’ personal information to unreliable third parties.

“Whether it’s a third-party, former employee, overly permissive grants, or dangling access on zombie accounts, the opportunity to exploit credentials and thereby gain access to sensitive information has never been more appealing, which is one of the reasons third parties and their credentials to access client systems remain top attacker targets,” said Yaari.

Eureka Security CEO Liat Hayun said that third-party providers are frequently a necessary evil for businesses the size of Aflac and Zurich, placing the majority of businesses in an unenviable position.

“Who do you trust with your critical data assets? Your answer would be ‘no one,’ however, the reality is that organizations use third-party vendors to enable day-to-day operations,” Hayun explained. With that said, it is best to work with third-party vendors who have the same, if not better data security policies than your own organization to further accelerate day-to-day operations.”

The announcement of the breach comes only days after the company’s CEO warned the Financial Times that situations like these were “uninsurable” due to the size and frequency of cyberattacks.

 

Publish on W.Media
  • January 13, 2023
Author Info - W.Media
Hazel Moises
Hazel Moises
Share This Article
PrevPrevious PostIBM and the Australian Government Sign a $725 million Quantum Computing Agreement
Next PostChina to Launch World’s First 5G Cruise ShipNext
Other Popular Posts
b2d1b2d1-d839-4df9-83e1-c9a169ecf5a3
World News
December 22, 2022

SCCC Alibaba Cloud Signs MoU With Trend Micro For Cybersecurity Solutions

Indonesia (1)
On-Demand
March 13, 2022

SEA Digital Week Indonesia 2022

cloud tech
Southeast Asia News
January 17, 2023

Digital Edge Partners with Zenlayer to Build One-stop Edge Cloud Service Hub in East & Southeast Asia

Image Credit: Cloud Tech Arena
South Asia News
July 8, 2022

Redington India Collaborates with AWS to Accelerate Cloud Adoption in India

Image credit: Telegraph India
South Asia News
April 29, 2022

ICICI Bank launches digital ecosystem for India’s MSMEs

image
Southeast Asia News
October 25, 2022

Enabling Digital Transformation in Southeast Asia

W.Media is a Technology Publishing Company & Community Hub.

Our comprehensive taxonomy includes - breaking news, digital marketing and events targeted at Cloud/IT, Datacenters and Connectivity

Receive the latest news.

We'll keep you in the loop.

Great! now press

Our Story

Contact Us

Advertise on W. Media Platforms

Terms & Conditions

Privacy Policy

© 2022 W.Media. All Rights Reserved