Just days after Aflac Inc. disclosed a significant data breach, an Alabama law firm has filed a proposed class-action lawsuit alleging the insurer failed to adequately protect customers’ personal information. The suit, filed in federal court in Georgia by Beasley Allen Law Firm on behalf of policyholder Martha Graham, claims Aflac knew about the cybersecurity risks but failed to take reasonable steps to prevent the breach. The cyberattack, reportedly linked to the hacking group Scattered Spider, compromised sensitive customer data and is part of a broader wave of insurance sector breaches.
The complaint faults Aflac for delaying notification to affected individuals and for omitting key details in its disclosure, such as when the breach occurred and what security failures led to it. While Aflac is offering 24 months of credit monitoring and identity theft protection, the plaintiffs are seeking compensatory and punitive damages, citing risks of fraud and identity theft. This case adds to the growing list of class-action lawsuits following cyberattacks, as courts increasingly scrutinize companies’ cybersecurity protocols and breach responses.
This blog is intended to provide information to the general public and to practitioners about developments that may impact Oregon class actions.
