Hackers blackmail Globe Life after stealing customer data


Insurance giant Globe Life says an unknown threat actor attempted to extort money in exchange for not publishing data stolen from the company’s systems earlier this year.

Founded in 1900, Globe Life is among the largest providers of life and health insurance plans in the United States, with a market capitalization of $12 billion and a total revenue that exceeds $5.3 billion.

Global Life previously disclosed a data breach on June 13 after discovering they had been compromised while reviewing potential vulnerabilities related to access permissions and user identity management for its web portal.

At the time, the company warned that the hackers may have accessed consumer and policyholder data following a successful breach of one of the web portals.

Although the company’s operations weren’t significantly disrupted due to the incident, there was concern about what data might have been stolen, as such a scenario could potentially impact millions.

In a new filing submitted to the SEC today, Globe Life says that at least 5,000 customers of its subsidiary, American Income Life Insurance Company, are impacted. However, this number may increase as the investigation continues.

Globe Life also says that the cybercriminals behind the attack attempted to extort the company into paying a ransom in exchange for not publishing the stolen data.

The data samples the firm received from the threat actor appear to be related to one of its subsidiaries, American Income Life Insurance Company.

“Globe Life Inc. recently received communications from an unknown threat actor seeking to extort money from the Company in exchange for not disclosing certain information held and used by the Company and its independent agents,” reads the Thursday morning SEC filing.

“Based on the Company’s investigation to date, which remains ongoing, the Company believes that information relayed to the Company by the threat actor may relate to certain customers and customer leads that can be traced to the Company’s subsidiary, American Income Life Insurance Company.”

The information stolen by the cybercriminals includes the following data types, which vary per individual: full names, email addresses, phone numbers, postal addresses, Social Security Numbers, health-related data, and policy information.

Global Life has also clarified that the extortion attempt does not involve ransomware, so there has been no data encryption of file locks on the company’s systems.

Regarding the financial impact of the incident, as of today, Global Life believes that it will not have a material impact on its business operations and does not expect it to affect its financials.



Source link