Insurance Services Company Imagine360 Gets Breached, Exposing 125k Individuals
Table of Contents
- By Steven
- Jul 13, 2023
Imagine360 is a Pennsylvania-based company that works with employers to develop custom health plans for their workers. The organization specializes in helping companies save money on insurance while giving better insurance to their employees. The company works with medium and large businesses and handles a large amount of data for its clients. Imagine360 LLC was recently a victim of two different file transfer data breaches, which means that health-related data and personal data have been exposed.
How Did the Attack Occur?
Imagine360 lost vital patient data because of two separate file-sharing service data breaches. The company's access to Citrix was leveraged to steal data on January 20, 2023, and Fortra's GoAnywhere file systems were attacked on February 3, 2023. Between these two attacks, more than 125,000 people reportedly lost their valuable information. The attacks are a big deal, and even though Imagine360 wasn't personally attacked, and the only services it was relying on were, the company lost huge amounts of personal and health-related data that makes it a liability for the companies it serves.
What Information Was Viewed or Stolen?
Even though full access to Imagine360's servers was never granted, personal and health-related data was exposed for thousands of individuals. Social Security Numbers, insurance information, full names, medical data, and more were lost to the breaches, putting a large number of people at risk. If your data was exposed in this breach, there is a good chance you could be attacked in the future and have your credit damaged.
How Did Imagine360 LLC Admit to the Breach?
The company sent an official notice to the Maine Attorney General's Office on June 30, 2023. In the notice, it explains what information was lost, how many people could be impacted by the breach, and which two file-sharing tools caused issues for the company. All these important details are exposed in the official documents explaining the breach. Individual notices were mailed to each of the people identified as being part of the breach. If you receive a notice from the company, you should take action to guard your data and prevent it from being misused as much as possible.
What Will Become of the Stolen Information?
Any data taken in these breaches will be misused in an effort to gain money. It's possible that huge amounts of data will be traded to other hackers that will use it for identity theft, phishing, and other attacks. The attackers themselves may also misuse the information.
What Should Affected Parties Do in the Aftermath of the Breach?
If you get a notice from Imagine360 stating you're at risk of having your information exposed, you should take immediate steps to protect yourself. Begin by looking up your recent credit reports for any strange accounts. Move on to investing in identity theft protection services that will notify you if anything changes on your credit. With specific data, you'll know when you're being attacked, and you'll have the chance to respond before you face serious problems from the attackers.