Arizona Insurance Company Notifies 42,000 Individuals of Their Involvement in a Massive Data Breach
Table of Contents
- By Steven
- Dec 16, 2022
Insurance companies are often highly sought after; at least, they are in the criminal world. They hold an extensive amount of information, and when information has fallen into the wrong hands, it could lead to a wide array of problems, most notably identity theft. People need to understand that their personal data goes far beyond just the doctor’s office or hospital they give it to. It goes to the hospital database, and from there, on to the servers of the insurance company.
While many of us think about our insurance companies as roadblocks, they do their best to help in most instances. They are also dealing with a lot of procedures behind the scenes, which sometimes leads to a lapse in security.
How Did the Attack Occur?
The attack occurred when a third party accessed the company's internal systems, compromising files that contained personally identifiable information (PII). Upon realizing the breach occurred, BGA, or Black, Gould & Associates Inc., hired a third-party forensic investigator and contacted law enforcement.
What Information Was Viewed or Stolen?
As far as data breaches go, this one had very little information involved. The only thing the hacker managed to access was social security information, making it a minor breach compared to most others we write about.
How Did BGA Admit to the Breach?
BGA admitted to the breach by filing notices with both Maine and Texas' Attorney Generals, as well as sending notifications to the affected parties. There were around 42,000 individuals victimized by the breach, and these people escaped the breach surprisingly easily. Most breaches that include social security numbers also include people's names, birthdays, and, sometimes, certain medical and/or financial information. We understand that an unauthorized party having your social security number is a bad thing, but it could be much worse.
What Will Become of the Stolen Information?
There are many things for sale on the dark web. Rare animals and foods, baby formula, organs; you name it, they'll sell it to you – overpriced as it may be. This also includes a lot of information gained in hacks and data breaches. The highest selling of this information pertains to passports, diplomas, and financial information. A new identity, which includes a name, birthday, and social security number, costs about 60 to 80 dollars on the black market.
What Should Affected Parties Do in the Aftermath of the Breach?
In the aftermath of the breach, we recommend victims take it as a learning curve. Now that you've dealt with this one, you'll be better prepared to handle another as there are thousands of files breached daily. If you're new to the world of cybersecurity, we welcome you! We only wish it could have been under better circumstances. The best thing that anyone can do when their data was exposed through a breach is to invest in identity monitoring services. That way, you know someone else, besides you, is watching out to keep your data safe.