Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Insurance Company Globe Life Investigating Data Breach

US insurance company Globe Life is investigating a data breach involving unauthorized access to consumer and policyholder information. 

Texas-based insurance company Globe Life is investigating a data breach impacting the information of consumers and policyholders.

The life and supplemental health insurance provider disclosed the data breach last week in a filing with the SEC. 

Globe Life said it launched an investigation into “potential vulnerabilities related to access permissions and user identity management for a Company web portal” after an inquiry from a state insurance regulator.

The probe showed that the vulnerabilities likely allowed unauthorized access to consumer and policyholder information. It’s unclear what type of data may have been compromised. 

“Immediately upon notification of these circumstances, the Company removed external access to the portal. At this time, the Company believes the issue is specific to this portal, and all other systems remain operational. The Company’s operations will not be significantly impacted by the removal of external web access to the portal in question,” Globe Life said.

The insurance giant noted that it has hired outside experts to assist with the investigation. While its full scope is still being determined, the cybersecurity incident has not had a material impact up to this point. 

According to its website, Globe Life companies have more than 17 million policies and $227 billion of coverage in force.

It’s unclear if Globe Life was targeted in a ransomware attack, which would not be surprising considering that the insurance sector is often targeted by cybercriminals.

Advertisement. Scroll to continue reading.

SecurityWeek has reached out to Globe Life for additional information and will update this article if the company responds. 

Related: Fidelity Investments Life Insurance Company Notifying 28,000 People of Data Breach

Related: Customer Information of Toyota Insurance Company Exposed Due to Misconfigurations

Related: CISO Conversations: Jason Rebholz and Jason Ozin From the Insurance Sector

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

SaaS security company AppOmni has hired Joel Wallenstrom as its General Manager.

FTI Consulting has appointed Brett Callow as Managing Director in its Cybersecurity & Data Privacy Communications practice.

Mobile security firm Zimperium has welcomed David Natker as its VP of Global Partners and Alliances.

More People On The Move

Expert Insights