“`html
Globe Life, a prominent American insurance provider, has recently disclosed an incident involving cybercriminals who attempted to extort funds in exchange for sensitive information they had previously acquired.
In June 2024, the company reported a cybersecurity breach where unauthorized individuals accessed confidential customer data via one of its online portals.
The firm has since filed an updated 8-K form with the U.S. Securities and Exchange Commission (SEC), indicating that the attackers accessed sensitive information pertaining to at least 5,000 customers. However, this number is expected to rise as investigations continue.
Clarification on Ransomware Status
Preliminary investigations suggest that the compromised data originated from a subsidiary known as American Income Life Insurance Company. The stolen information includes personally identifiable details such as names, email addresses, phone numbers, mailing addresses, and in some cases Social Security numbers along with health-related records and other policy specifics.
The company stated in its filing: “The threat actor claims to have additional types of information; however, these claims are still under investigation and remain unverified.” It also reassured stakeholders that credit card and banking details were not compromised during this incident.
This breach was not part of a conventional ransomware attack; Globe Life’s systems were not encrypted during the intrusion. Furthermore, there was no disruption to services or operations resulting from this event. Nevertheless, the perpetrators sought financial gain:
The 8-K form elaborated: “Globe Life has received communications from an unidentified threat actor demanding payment in exchange for withholding certain information related to the Company and its independent agents.”
It remains uncertain whether Globe Life complied with these demands; however, it is likely they did not pay off the criminals. Instead, they engaged third-party cybersecurity professionals and alerted law enforcement authorities about the situation.
Affected customers will be informed about their involvement in this incident while measures are being taken to mitigate any potential impact on them.
Currently, there is no evidence suggesting that any of the stolen data has been misused.
Cited by BleepingComputer
Additional Insights from TechRadar Pro
- A significant increase in cyber extortion incidents — small businesses face four times greater risk
- A comprehensive guide on top firewalls available today
- An overview of leading endpoint protection solutions currently offered
Source
“`
