KEY POINTS

  • Hackers took advantage of previously breached data 
  • The attack ran for more than a month
  • Geico was alerted when policyholders were notified of claims they did not apply for

Auto insurance company Geico suffered an online data breach exposing the driver's license numbers of its policyholders earlier this year, a notice filed with the California Attorney General's Office has said.

Dated April 19, the data breach notice filed by Geico talked about threat actors that stole customers’ information, specifically driver license numbers, Tech Crunch reported.

Geico is the second-largest auto insurance company in the US with 17 million policies for more than 28 million vehicles. The company said threat actors "obtain unauthorized access to your driver’s license number through the online sales system on our website."

The company confirmed that the access lasted for over a month from January 21 to March 1. Geico did not give any specific figures on the total number of affected policy holders’ data, The Verge reported.

Reports say that companies are required to report an incident to the Attorney General’s Office once the number of affected residents reaches or exceeds 500.

Geico said that the fraudsters exploited the weaknesses of previously breached data in order to obtain policy holders’ driver's license numbers. However, the auto insurer did not confirm what specific information the threat actors acquired in order to access Geico’s online sale portal.

Threat actors often use stolen data or identity to execute their financially driven scam. Yet, there are companies and US states that require a driver’s license for a policyholder to acquire their unemployment claims.

Last spring, some states reported a sudden rise in fraudulent claims as the offices encountered a spike in the number of unemployment claims due to the increase of people losing their jobs due to the pandemic.

Amid the increase in claims, consecutive reports about people receiving notifications about unemployment benefits they did not apply for alerted Geico.

The auto insurer said they immediately secured the website as soon as they discovered the abuse. They also strengthened their website security to prevent threat actors from creating further damage and to protect their customers from potential attacks.

Geico reminded the customers to be more vigilant when receiving emails or notifications about applications for any claims that they do did not apply for. If they find anything suspicious about the notifications they received, they should immediately get in touch with the agency, according to Bleeping Computer.

Russian operations have notably been aimed at creating a sense of vulnerability by breaching election databases and leaving "bread crumbs" that lead back to the Kremlin Russian operations have notably been aimed at creating a sense of vulnerability by breaching election databases and leaving "bread crumbs" that lead back to the Kremlin Photo: AFP / NICOLAS ASFOURI