Global Life discloses cyberattack, approximately 5,000 customers affected

Global Life, one of the largest life and health insurance companies in the United States, has suffered a data breach due to a cyberattack, impacting roughly 5,000 customers.

In an 8-K Filing addressed to the Securities and Exchange Commission (SEC), the insurance company says it was contacted by an unknown threat actor. The attacker is trying to extort the company to pay a ransom demand for not disclosing corporate information.

“After becoming aware of this, the Company immediately activated its incident response plan and, with the assistance of experienced counsel and external cybersecurity experts, launched an investigation,” Global Life states. The extortion attempt has been reported to federal law enforcement agencies.

Investigation shows that approximately 5,000 customers of Global Life’s subsidiary called American Income Life Insurance Company have been affected. As the company has yet to ascertain the scope and impact of the incident, the number of potentially impacted customers may yet increase.

According to Global Life, the threat actor may have stolen full names, email addresses, phone numbers, postal addresses, Social Security Numbers, health-related data, and other policy information. “This information does not appear to contain personally identifiable financial information such as credit card data or banking information,” the company says.

In addition, the attacker claims to possess additional categories of information, but this has yet to be verified. Customers who possibly have been impacted by the incident, will be contacted. The insurance company believes that the extortion attempt doesn’t involve ransomware.

As of writing, the incident hasn’t affected the company’s day-to-day business operation and will probably not have a material impact on its financial conditions.

So far no hacking group or ransomware operation has claimed responsibility for the data breach at Global Life.

This is the second time this year Global Life has to deal with a data breach. In June, the company notified the SEC and stakeholders of an unauthorized access to its corporate network. The threat actor was able to access a specific portal to ‘certain consumer and policyholder information’.

“The company’s operations will not be significantly impacted by the removal of external web access to the portal in question,” Global Life pointed out at the time.