Aflac data breach class action overview:
- Who: A customer filed a class action lawsuit against Aflac Inc.
- Why: The plaintiff claims Aflac failed to safeguard the personally identifiable information (PII) and protected health information of its customers during a recent data breach.
- Where: The Aflac data breach class action was filed in Georgia federal court.
A new class action lawsuit alleges Aflac failed to safeguard the PII and protected health information of its customers during a recent data breach.
Plaintiff Jessica Batiste filed the class action complaint against Aflac on June 21 in Georgia federal court, alleging violations of state and federal consumer laws.
Batiste claims Aflac failed to protect her and other consumers’ private information, including claims information, health information, Social Security numbers and other personal information related to customers, beneficiaries, employees, agents and other individuals in its U.S. business.
Aflac began notifying individuals on June 20 that it recently detected suspicious activity on its network on June 12, according to a news release on its website.
Aflac ‘disregarded’ consumer rights, class action alleges
Aflac’s investigation into the cybersecurity incident is still in its early stages, the Aflac data breach class action states.
Aflac offered Batiste and other potentially impacted individuals 24 months of credit monitoring and provided a dedicated call center to answer any questions they might have about the data breach.
However, Batiste claims that is not nearly enough when Aflac “disregarded” their rights by failing to implement reasonable cybersecurity measures in the first place. She alleges the information contained in Aflac’s network was not encrypted, allowing data thieves to exfiltrate intelligible data.
Batiste argues that, among other things, the Federal Trade Commission recommends businesses encrypt information stored on computer networks.
Batiste wants to represent all persons living in the United States whose information was compromised in the breach. She is seeking actual damages, statutory damages, punitive damages, restitution, nominal damages, disgorgement, pre- and post-judgment interest, attorney fees and costs.
In two recent data breach class action settlements, Harvard Pilgrim Health Care agreed to a $16 million settlement and Coastal Orthopedics agreed to a $1.4 million settlement to resolve claims they failed to prevent data breaches that happened in 2023. Both settlements are still accepting claim form registrations.
What do you think of the allegations in this Aflac data breach class action? Let us know in the comments.
The plaintiff is represented by Casondra Turner of Milberg Coleman Bryson Phillips Grossman PLLC and Jeff Ostrow and Kristen Lake Cardoso of Kopelowitz Ostrow P.A.
The Aflac data breach class action is Batiste v. Aflac Inc., Case No. 4:25-cv-00185, in the U.S. District Court for the Middle District of Georgia, Columbus Division.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
106 thoughts onAflac hit with class action lawsuit over data breach
Please add me i was a memeber of aflac
I had Aflac and was sent information about this data leak. Please I want to be added to the lawsuit.
Add me. Aflac is shady. I have been a member of Aflac since 2008. Conveniently they dropped one of my policies when I turned 70, stating my employer paid it late. Yet, my 2nd Aflac policy, also paid by my employer wasn’t paid late, and we are 15k employees… I’m the only employee they paid late? I think not.
I have had AFLAC policies since 1981
I currently member of AFLAC since 2010, Please add me
Again! Add US! We just Enrolled in Benefits with them, and they did not DISCLOSE THIS!
I had AFLAC in the past through a previous employer. Please add me.
I also received the email
I received an email on June 20th informing me of the breach. Sadly it was in my spam folder so I didn’t see it before the June 30th deadline to get the credit monitoring, identity theft protection, and medical shield. 10 days is a short amount of time. I only empty my spam folder once a month. Anyway, I’d suggest checking your spam folders folks.
If they didn’t send you something, it could be because your data was not affected.