Bleeping Computer reports that Globe Life is notifying an additional 850,000 people of a breach it discovered last year:
On June 13, 2024, the company discovered during a security review of its networks that it had been compromised by hackers who had gained unauthorized access to one of its web portals.
Globe Life shared in October the first results of its investigation, which was assisted by external cybersecurity experts, pointing to a small-scale breach at its subsidiary, American Income Life Insurance Company. The assessment at the time was that the incident affected approximately 5,000 individuals.
The company has shared the latest results of the investigation into the data breach in a new filing with the U.S. Securities and Exchange Commission (SEC), and says that the threat actor accessed specific databases maintained by a few independent agency owners that held personal data of about 850,000 people.
Although Global Life could not confirm if the information stolen by the threat actor extends beyond the nearly 5,000 individuals already identified, the company decided to exercise caution and notify the rest of the potentially impacted customers, as well as provide credit and monitoring services.
Read more at Bleeping Computer.