Suppose you have an insurance policy with American Income Life Insurance Company, a subsidiary of insurance giant Globe Life. In that case, you may soon receive a notification of a data breach that exposed the personal information of at least 5,000 customers.
The news of the breach follows an update indicating that Globe Life faces hacker extortion related to the cyberattack.
Globe Life reports that since the breach occurred in June 2024, the criminals behind the theft have been in contact several times, demanding money. They claim that if they receive payment, they will not release the stolen information.
What the Hackers Stole and How
Although Globe Life has more than 17 million insurance customers, it appears that this particular breach affects only about 5,000 of them; it’s possible (and likely) that the investigation will uncover many more victims.
Information that this attack exposed includes:
- Customer names
- Physical and email addresses
- Phone numbers
- Policy information
- Health-related information
The breach may also have exposed some Social Security numbers. However, the company says there’s no evidence that the cybercriminals obtained any payment information, which could include credit card and bank account numbers.
The big question is how this attack occurred and why Globe Life faces hacker extortion. Security experts suspect that the incident stemmed from one of the company’s online portals, possibly due to a successful phishing attack. It’s not a traditional ransomware attack because the criminals did not inject file encryption malware or disrupt operations but focused on extorting money from the company.
What Are the Next Steps in This Incident?
In accordance with the law, Globe Life reported the security breach to federal authorities. The investigation into the source of the attack and the actors behind it is ongoing. The company discovered the breach before the blackmail demands during a review of vulnerabilities in access permissions and user identity management in the web portal.
Globe Life reports that its security team addressed the vulnerabilities that contributed to the breach and that customer and policyholder data is no longer at risk of exposure. They immediately removed external access to the affected portal and contracted with an outside agency to investigate the source of the issue further.
In the meantime, affected customers will receive a notice and further instructions on how to proceed if they are affected by the breach.
Globe Life faces hacker extortion demands, but the company has yet to reveal how much the criminals want them to pay. The attackers also purport to have additional information that they can reveal if the company doesn’t pay them, but those claims remain under investigation and are not confirmed.
