Sensitive data from American National Insurance Company breach resurfaces online

Nearly two years after a significant cyberattack, sensitive data belonging to customers and employees of the Texas-based American National Insurance Company (ANICO) has reportedly surfaced online for sale. The breach, initially linked to the widespread MOVEit vulnerability in 2023, is now under renewed scrutiny after a hacking forum ad revealed the sale of a stolen database containing 279,332 lines of sensitive information.

According to cybersecurity researchers at SafetyDetectives, the data includes customer details such as full names, birthdates, marital statuses, occupations, phone numbers, email addresses, account IDs, policy types, premium amounts, and annuities. Employee data in the database reportedly includes names, email addresses, years of service, and agent and manager contact information. A sample of the leaked database shared by the seller appears to validate these claims.

The advertisement for the stolen data was identified on BreachForums, a prominent hacking community. Researchers noted that the seller provided a 90MB CSV file as proof of authenticity. While the seller did not explicitly confirm the source of the data, ANICO had previously disclosed its exposure to the MOVEit breach, leading to speculation that this recent leak may be tied to that incident.

In 2023, ANICO suffered a significant cyberattack linked to the MOVEit vulnerability, a zero-day exploit that compromised numerous organizations worldwide. Legal experts from Console & Associates, P.C., had reported that the breach exposed Social Security numbers, financial account details, and medical records. However, SafetyDetectives could not independently confirm whether the newly advertised database includes such information.

Cybercriminals have widely exploited the MOVEit vulnerability, leveraging it to exfiltrate sensitive data from affected organizations. ANICO’s recent filing with the Texas Attorney General may indicate ongoing fallout from the incident. However, the company has not explicitly confirmed the connection between the 2023 breach and this latest development.

American National Insurance Company is a prominent financial services provider, offering a range of products including life, health, and property insurance, annuities, and pension plans. The breach has heightened concerns about customer and employee data security, with significant implications for those impacted.

Experts advise affected customers and employees to remain vigilant against identity theft and fraud. Recommendations include monitoring bank accounts, updating passwords, and being cautious of phishing attempts. ANICO has not yet released an official statement regarding the latest developments.