Cybersecurity researchers discovered 270,000+ lines of American National Insurance customer data leaked online, potentially linked to the 2023 MOVEit breach. Learn about the exposed data and how to protect yourself.
SafetyDetectives’ Cybersecurity Team discovered a forum post on Breach Forums, a clear web platform for data breaches, where a threat actor shared a link to a database containing 279,332 lines of sensitive data allegedly belonging to the American National Insurance Company (ANICO). This data, apparently from the 2023 data breach, includes customer and some employee information.
For your information, American National Insurance Company, headquartered in Galveston, Texas, employs over 4,600 people and generates over $1.1 billion in annual revenue through its subsidiaries. The leaked data, available in a .CSV file, is still available on the forum to download. The exposed information includes:
- Customer Data: Account ID, Status, Email Address, Full Name, Date of Birth, Age, Gender, Marital Status, Generation, Occupation, Phone, Language, Full physical address, Inforce Premium Amount, Inforce Premium Amount Annuity, Type of Policy.
- Employee Data: Years In Force, Agent Name, Agent Email, MLGA/RGA Name, MLGA/RGA Email.
SafetfyDetectives research suggests a strong connection between the 2023 MOVEit breach and the recent data exposure of American National Insurance Company. ANICO has publicly acknowledged being impacted by a cyberattack involving MOVEit, a file transfer application developed by Progress Software.
This indicates that the company’s systems were vulnerable to exploitation through the MOVEit vulnerability. The Cl0p ransomware group, known for exploiting the MOVEit vulnerability in numerous attacks, was specifically mentioned in ANICO’s investigation. In August 2023, the Cl0p ransomware group had listed the company as a victim.
“Thus, it is possible that American National’s recent filing with the Texas Attorney General is referring to a MOVEit breach. However, this has not yet been confirmed by the American National,” SafetyDetectives’ blog post read.
While a separate report from data breach lawyers at Console & Associates, P.C., suggests the exposure of Social Security Numbers, financial account information, and medical information during the 2023 breach, the data shared on the forum does not explicitly confirm this.
Nevertheless, the exposure of this sensitive information poses significant risks to individuals. Malicious actors could use personal information like Social Security numbers and financial details to impersonate individuals and commit fraud.
In contrast, the disclosure of medical information could lead to discrimination or misuse. Moreover, the exposed data could be used to launch targeted phishing attacks, tricking victims into revealing more personal information or clicking on malicious links.
Considering these dire consequences, it is recommended that individuals change passwords for compromised accounts and enable two-factor authentication. It is also essential to remain cautious of phishing attempts, review privacy settings on social media, and closely monitor bank accounts and credit reports for unauthorized activity.
If you suspect identity theft or fraud, report the incident to local law enforcement and relevant authorities. Also, check out this article to stay protected from online fraud.
