Insurance giant Globe Life says it’s being extorted by hackers

American insurance giant Globe Life recently confirmed that cybercriminals tried to extort money in exchange for sensitive data they previously stole.

In mid-June 2024, the company reported a cybersecurity incident in which unknown third parties accessed sensitive customer data through one of its web portals.

It has now submitted a new 8-K form with the U.S. Securities and Exchange Commission (SEC), claiming the crooks accessed sensitive data on at least 5,000 customers – although the final number will probably be bigger, once the investigation concludes.

Not a ransomware attack

So far, the analysis has shown the information was taken from a subsidiary called American Income Life Insurance Company, and included personally identifiable information categories such as names, email addresses, phone numbers, postal addresses, and in some instances Social Security numbers, health-related data, and other policy information.

“The threat actor claims to possess additional categories of information, which claims remain under investigation and have not been verified,” the company said in the form, adding credit card and banking information was safe.

The data was not taken as part of a traditional ransomware attack. Globe Life’s systems were not encrypted, and the break-in did not result in the disruption of any services or operations. However, the crooks still tried to trade the data for money:

“Globe Life recently received communications from an unknown threat actor seeking to extort money from the Company in exchange for not disclosing certain information held and used by the Company and its independent agents,” the 8-K form further reads.

It was left unclear if the company paid the demand or not, but it’s most likely that it did not. Instead, Globe Life brought in third-party cybersecurity experts and notified law enforcement.

Affected customers “will notify individuals affected by this incident,” and take steps to protect and remediate the impact for them, it said.

There is currently no evidence that the data was misused.

Via BleepingComputer

More from TechRadar Pro

https://cdn.mos.cms.futurecdn.net/ioiGboNmGxjo77hGKRFefJ-1200-80.jpg

Source link

How to watch Scull vs Shishkin live stream for FREE

Qualcomm’s canceled mini-PC could spell trouble with consumers down the line

Casio recovery from ransomware attack uncertain, ‘no prospect of recovery yet’

Razer Iskur V2 review: sleek design and superior support

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

People are driving through flames to escape this California wildfire

New ‘Westworld’ trailer introduces us to another dystopian tech company

What’s the point of ‘Charlie’s Angels’ without Sam Rockwell dancing?

These striking photos capture the future of human flight

‘Heathers’ is still the best dark comedy about high school hell

Trump vs. Harris: How the election will affect EV adoption

Lumwana’s Super Pit Expansion Officially Launched By Investing.com

How Biden could use a 1947 law to suspend the dockworkers’ strike

Why your Roth IRA conversions could have ‘unintended’ tax consequences

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays

Insurance giant Globe Life says it’s being extorted by hackers

How to watch Scull vs Shishkin live stream for FREE

Qualcomm’s canceled mini-PC could spell trouble with consumers down the line

Casio recovery from ransomware attack uncertain, ‘no prospect of recovery yet’

Razer Iskur V2 review: sleek design and superior support

Leave a reply Cancel reply