USAA Insurance Suffered a Serious Breach Exposing Thousands
Table of Contents
- By Steven
- Jul 07, 2023
USAA Auto Insurance is one of the leading insurance companies in the country today and is known for offering reliable coverage to many people in the country. The organization was founded in 1922 with a group of Army officers and has since expanded dramatically. The organization serves millions of individuals and has detailed information for so many customers that it's a real risk that the company recently went through a data breach.
How Did the Attack Occur?
According to our recent investigation, a small number of third-party call center workers shared their access credentials with the company improperly. These credentials were then used to get into customer data and steal information that could be used to attack the individuals involved. The data breach persisted from December 20, 2022, until May 18, 2023. During that time period, the individuals could have taken a huge amount of data, and they could have spent time looking through whatever documents were available to them.
What Information Was Viewed or Stolen?
We don't have the details surrounding what specific information was exposed in this breach. We only know that some USAA customers were exposed in a recent breach. We suspect that personal information was taken and shared in this breach, but we don't have the specifics. The data taken is likely harmful to the users exposed and could be used for credit theft purposes.
How Did USAA Admit to the Breach?
USAA only admitted the breach exists to a small number of people. The company sent out a letter that stated some USAA members were impacted by this breach. It does not cover the full extent of the damage done, though. A few thousand members were impacted by this breach, and many of those individuals have not received a letter about the situation yet. It's unclear if another notice is going out or if more people will receive letters about the breach. The company hasn't commented on whether it's notified those involved or not.
What Will Become of the Stolen Information?
We suspect the attackers will misuse the data they have about USAA members, but we cannot say for sure. If there is enough information to launch phishing attacks or identity theft attacks, we have to assume that is the goal of the attackers. The information could be used in many different types of harmful attacks, and the parties impacted by this breach should take action to protect themselves from it as much as possible.
What Should Affected Parties Do in the Aftermath of the Breach?
If you believe you were impacted during this data breach, you should take immediate steps to guard your information and monitor your data and how it changes over time. The first thing you should do is monitor your credit for any odd changes. The best way to do that is to invest in a credit monitoring service. You should also be very careful not to give information away to anyone over email or over the phone. If someone asks for private information and you don't know who they are, take care to keep it to yourself.