Insurance Companies Are The Latest Target In Hacking Crosshairs
By: Jim Stickley and Tina Davis
February 21, 2021
Always in search of a fruitful target, hackers are now turning their attention to the insurance provider industry. Although some insurance providers, such as with healthcare, have been an ongoing target for ransomware and other cyberattacks, insurance companies of all types are now in hacker crosshairs. These companies maintain vast databases on their clients as part of doing business. Hackers have now identified this data-rich PII (personally identifiable information) includes Social Security numbers, government IDs, income, personal property, work, and home locations, and much more. Insurance providers unknowingly provide bad actors a cache of PII they can use for insurance fraud and financial theft. While the insurance industry scrambles to catch up with the latest security technology, hackers are left with ripe targets for data hacks.
Why Insurance Providers?
Security experts believe a significant reason the insurance industry has recently come under fire is that financial organizations, who have long been a hacker favorite target, have bolstered their own cybersecurity measures as a result of numerous attacks. Doing so leaves cybercriminals in need of a new and easy target and that target is now insurance providers. A survey by KPMG sums up the dire need for improved security technology in the industry, with only 43% of insurance executives believing their company is prepared for a cyberattack. That dismal number leaves a huge attack surface for hackers to exploit, and they’re doing so at this very moment.
Data Hack Damage
These attacks can cripple an organization as well as their customers and can lead to reputations, identities, and finances being ruined in the blink of an eye. As a result of a cyberattack, some insurance providers won’t be able to survive the data breach, including the lawsuits and fines that can result. For those choosing to defend against these attacks, updating security systems needs to have top priority and not be delayed another day.
Just some of the top attacks insurance companies need to be prepared for are theft of a company’s customer PII; theft of employee banking information; insurer non-compliance with the Payment Card Industry Data Security Standard; targeted customer data bases that enable insurance fraud.
A Plan for Data Protection
There are many ways insurance companies can protect themselves and their customers and bolster their data systems. Email phishing attacks are a hacker’s favorite way to infiltrate a data system and the PII they steal in data breaches further enable these attacks. Ongoing employee cyber education is an investment in security, as staff are often the first line of defense against data attacks. And most importantly, devising a data security plan with the help of a cybersecurity professional provides protection from the above threats and more, including those threats still unknown. As the latest target for hackers, insurance companies need to invest in their future by securing its systems and protecting themselves and their customers from all hacking threats.