Hackers Stole Data Of Over 5,000 Individuals From Globe Life

Globe Life, an insurance company, is facing an extortion attempt after hackers stole data on over 5,000 individuals from one of its subsidiaries. The company informed the U.S. Securities and Exchange Commission (SEC) that it has reported the incident to federal law enforcement.

So far, the investigation suggests that the compromised data may include personal information of about 5,000 individuals linked to the company’s subsidiary, American Income Life Insurance.

This data includes names, contact details, Social Security numbers, and health-related information, but no financial data like credit card or banking information has been found. The threat actor has also shared limited information with short sellers and attorneys, claiming to have more data, which is still under investigation.

Globe Life warned that the full scope of information possessed by the threat actor has not been fully verified. The Texas-based insurance giant said the extortion attempts did not involve ransomware or any cyberattack that disrupted company operations.

The demands from the hackers remain unknown, and Globe Life declined to respond to questions from TechCrunch and The Record.

The company plans to notify affected individuals, take protective measures, and continue working with regulators. As of now, Globe Life believes the incident hasn’t significantly impacted its operations or financial health.

Globe Life previously reported a data breach on June 13 after identifying a compromise during a review of vulnerabilities related to access permissions and user identity management for its web portal, noted Bleeping Computer (BC).

The company warned that hackers might have accessed consumer and policyholder data through the breach of one of the portals, said BC.

While the breach didn’t significantly disrupt operations, there were concerns about the potential exposure of data, which could impact millions, notes BC.

This recent extortion attempt highlights the growing threat of cyberattacks targeting sensitive data across industries. This is particularly concerning in the insurance sector, where personal information is a prime target.