2024-10-17 GLOBE LIFE INC. Cybersecurity Incident

Page last updated on October 17, 2024

GLOBE LIFE INC. initially disclosed a cybersecurity incident in an SEC 8-K filing on 2024-10-17 07:00:16 EDT.

Company Summary

Globe Life provides term life insurance, whole life insurance, final expense insurance, accidental death insurance, mortgage protection insurance, cancer insurance, ICU insurance, hospital insurance, and children’s life insurance.

Incident Details

Material: Unknown
Is Breach: TRUE
Records Compromised: 5,000
Data Types Impacted: Health insurance information, Health data, Social Security Number, Home address, Email, Name

Compromised Date:
Detected Date:
Disclosure Date: 2024-10-17
Contained Date:
Recovered Date:

Attack Goal: Unknown

Costs: No Costs Tracked (yet)

Filings

8-K filed on 2024-10-17

GLOBE LIFE INC. filed an 8-K at 2024-10-17 07:00:16 EDT
Accession Number: 0000320335-24-000056

Item 8.01 Other Events.

Globe Life Inc. (the “Company”) recently received communications from an unknown threat actor seeking to extort money from the Company in exchange for not disclosing certain information held and used by the Company and its independent agents. After becoming aware of this, the Company immediately activated its incident response plan and, with the assistance of experienced counsel and external cybersecurity experts, launched an investigation. The Company has reported this extortion attempt to and is cooperating with federal law enforcement.

Based on the Company’s investigation to date, which remains ongoing, the Company believes that information relayed to the Company by the threat actor may relate to certain customers and customer leads that can be traced to the Company’s subsidiary, American Income Life Insurance Company. This information includes certain personally identifiable information categories such as names, email addresses, phone numbers, postal addresses, and in some instances Social Security numbers, health-related data, and other policy information for approximately 5,000 individuals; however, the total number of potentially impacted persons or the full scope of information possessed by the threat actor has not been fully verified. This information does not appear to contain personally identifiable financial information such as credit card data or banking information. Most recently, the threat actor also shared information about a limited number of individuals to short sellers and plaintiffs’ attorneys. The threat actor claims to possess additional categories of information, which claims remain under investigation and have not been verified.

To date, the extortion attempts have not involved the use of ransomware or resulted in an interruption to the Company’s systems, services, or business operations. The Company will notify individuals affected by this incident, take steps as needed to protect and remediate the impact for them, and continue to communicate with regulatory authorities. As of the date of this filing, the Company believes this incident has not materially impacted its operations and does not expect this incident is reasonably likely to have a material impact on the Company, including its financial condition or results of operations.

Company Information