American insurance firm Globe Life has warned that another 855,000 people were potentially impacted by a cyber attack last summer — not the original 5,000 initially reported.
Last summer, Globe Life spotted that cyber criminals had accessed customer data, reportedly via an online portal.
The insurance company — one of the biggest and oldest in the US — filed a report with the SEC on the attack, saying that details had been accessed on 5,000 individuals, but promised to update that figure after an internal investigation.
In October, Globe Life revealed that cyber criminals had contacted the insurer attempting to extort money in exchange for not leaking data.
Now, Globe Life has revealed further details of the attack, saying the initial 5,000 confirmed victims were traced to a set of specific databases maintained by third parties, or as the company put it: "a small number of independent agency owners."
The details taken were from customers of Globe Life subsidiary American Income Life Company. Those databases also included details on the additional 850,000 people, and while there's no evidence their information was leaked, the company is writing to potential victims as a precaution.
"Out of an abundance of caution, the company has also initiated the process to provide voluntary notifications to, and credit monitoring services for, approximately 850,000 additional individuals whose information was also stored in the relevant databases, even though the company has not been able to confirm if the threat actor acquired these additional individuals’ data," the company said in an SEC filing.
Globe Life insists no ransom was paid
Globe Life added that it didn't pay the ransom, and stressed the extortion attempt didn't use ransomware or impact business operations at the time.
According to the most recent filing, the data accessed includes names, email addresses, phone numbers, and addresses, as well as insurance policy information, health data, social security numbers, and date of birth, but no financial information.
Thomas Richards, principal consultant at security firm Black Duck, said the incident will still be a cause for serious concern among customers.
“The uncertainty regarding the number of individuals affected and data accessed in this breach should be concerning, especially since this is a pretty substantial breach with almost one million policyholders affected,” he said.
"Without having this information, the affected individuals may not have clarity on the best ways to protect themselves and their personal information.
“Although it is fortunate that no financial information was accessed, financial information is often the easiest to change in this kind of scenario," Richards noted.
"However, one cannot change their health-related data, date of birth, or social security number so it’s imperative that the affected individuals are notified as soon as possible to begin taking the necessary steps to protect themselves and their data."
Globe Life was one of several high-profile insurers hit by cyber criminals last year, with a spate of attacks targeting organizations operating in the industry.
RELATED WHITEPAPER
The Change Healthcare cyber attack, for example, impacted around 190 million US citizens, with parent company UnitedHealth having recently revised its numbers following an investigation.
Elsewhere, a data breach at Landmark Admin saw 800,000 users exposed. A filing with the Attorney General of Maine revealed the breach exposed a broad range of personal data, including full names and addresses, social security numbers, tax ID numbers, and drivers’ license numbers.
-
Trump's AI executive order could leave US in a 'regulatory vacuum'News Citing a "patchwork of 50 different regulatory regimes" and "ideological bias", President Trump wants rules to be set at a federal level
-
TPUs: Google's home advantageITPro Podcast How does TPU v7 stack up against Nvidia's latest chips – and can Google scale AI using only its own supply?
-
LastPass hit with ICO fine after 2022 data breach exposed 1.6 million users – here’s how the incident unfoldedNews The impact of the LastPass breach was felt by customers as late as December 2024
-
OpenAI hailed for ‘swift move’ in terminating Mixpanel ties after data breach hits developersNews The Mixpanel breach prompted OpenAI to launch a review into its broader supplier ecosystem
-
Small businesses can't get cyber strategies up and running – here's whyNews SMBs are turning to outside help to shore up security as internal strategies fall flat
-
Using AI to code? Watch your security debtnews Black Duck research shows faster development may be causing risks for companies
-
Organizations warned of "significant lag" in deepfake protection investmentnews Defenses are failing to keep up with the rapidly growing attack vector, with most organizations being overconfident
-
Teens arrested over nursery chain Kido hacknews The ransom attack caused widespread shock when the hackers published children's personal data
-
Middlesbrough Council boosts cybersecurity spending, strategy in response to repeated cyberattacksNews Councils across the UK have publicly struggled with maintaining services in the face of major cyber disruption
-
Red Hat reveals unauthorized access to a GitLab instance where internal data was copiedNews Crimson Collective has claimed the attack, saying it has accessed more than 28,000 Red Hat repositories
