Over 66K impacted by SIM swapping attack against US insurers

Major U.S. insurance firms Bankers Life and Casualty Company and Washington National Insurance Company disclosed having data from more than 66,000 customers stolen following a SIM swapping attack in November, according to Hackread. Attackers performed SIM swapping against a senior officer to facilitate the compromise of individuals' names, birthdates, customer account numbers, and Social Security numbers as part of the breach, reported both insurers, which are CNO Financial Group subsidiaries. Further investigation into the extent of the incident is still underway. However, Comparitech Head of Data Research Rebecca Moody warned that SIM swapping attacks could be conducted as a prelude to ransomware intrusions. "For example, Advarras ransomware attack in October 2023 was carried out after one of its executives was the victim of a SIM swap. ALPHV/BlackCat claimed the attack and said it had stolen 120GB+ of data. This included sensitive data belonging to employees, patients, and customers," added Moody, who called for the adoption of secure authentication apps to avert SIM swapping attacks.