Aflac Japan suffered a significant data breach, with hackers accessing its systems for 10 days and stealing sensitive information from 4.38 million customers. The breach occurred between June 15 and June 25, during which time attackers gained access to the company's policyholder portal and extracted personal data, including names, addresses, phone numbers, and insurance account information. The type and extent of exposed data varied by customer, but security details and dates of birth were also compromised in some cases1. Aflac Japan has since contained the breach, but the incident highlights the potential consequences of delayed detection. The fact that hackers were able to operate undetected for 10 days raises concerns about the company's security measures. This breach matters to practitioners because it underscores the importance of implementing robust detection and response mechanisms to minimize the impact of a security incident.