Globe Life data breach potentially impacting 850,000 patients as adjusted victim count is revealed
In a series of cyber attacks, both Allianz Life and Globe Life, a subsidiary of American Income Life Company, have been impacted, potentially affecting over one million customers and employees.
The most significant breach occurred at Allianz Life, where a social engineering attack on a third-party, cloud-based customer relationship management (CRM) system resulted in the potential exposure of personally identifiable information (PII) of the majority of its 1.4 million U.S. customers. Financial professionals and select employees were also impacted.
The breach, which occurred on July 16, 2025, may have exposed sensitive personal information used for identity verification and customer relations. Although the exact categories of data exposed were not fully enumerated, it is likely that the data included names, email addresses, phone numbers, addresses, insurance policy information, health data, social security numbers, and date of birth.
Allianz Life is providing 24 months of identity theft restoration and credit monitoring for affected individuals and continues to investigate the breach. There is no evidence so far that other company systems or networks were accessed.
Globe Life was also hit by a cyber attack last year, which initially was reported to have affected 5,000 individuals. However, an internal investigation revealed that the number of potentially impacted individuals was much higher, with an additional 850,000 people's data found in the same databases.
The details taken from Globe Life's customers were from the American Income Life Company subsidiary. Although no financial information was accessed in the breach, health-related data, date of birth, and social security numbers were potentially exposed.
Globe Life has filed a report with the SEC about the cyber attack and insists no ransom was paid during the extortion attempt. The company is writing to potential victims as a precaution and providing voluntary credit monitoring services.
Thomas Richards, a principal consultant at security firm Black Duck, expressed concern about the Globe Life cyber attack, as it affected nearly one million policyholders. He emphasised the importance of affected individuals being notified as soon as possible to begin taking necessary steps to protect themselves and their data.
The uncertainty surrounding the number of individuals affected and the data accessed in the Globe Life breach is a cause for concern. Without knowing the exact details of the data breach, affected individuals may not have clarity on the best ways to protect themselves and their personal information.
In a separate incident, a data breach at Landmark Admin exposed 800,000 users, with a filing with the Attorney General of Maine revealing the breach exposed a broad range of personal data, including full names and addresses, social security numbers, tax ID numbers, and drivers' license numbers.
The cyber attacks on the insurance industry have been on the rise, with Globe Life being one of several high-profile insurers hit by cyber criminals last year. As the industry continues to digitalise, it is crucial for companies to prioritise cybersecurity measures to protect their customers' data.
- The cybersecurity incident at Allianz Life, involving a potential exposure of sensitive personal information, underscores the importance of robust cybersecurity measures in technology-driven industries, especially when dealing with customer data.
- As technology continues to play a significant role in the insurance industry, it's crucial for companies like Globe Life to prioritize cybersecurity to mitigate potential threats, safeguard customer data, and reduce instances of cyber attacks similar to the one that affected nearly one million policyholders.
