In a concerning turn of events, Fidelity Investments Life Insurance, a major insurance provider, has fallen victim to a data breach. Sensitive information belonging to tens of thousands of Fidelity customers was stolen, reportedly due to a supply chain attack that occurred in November 2023. Let’s delve into the details.
The Breach Details
Affected Customers: Approximately 28,268 Fidelity customers had their private data compromised.
Breach Source: The attack originated from a data breach at Infosys McCamish Systems LLC, a US subsidiary of Indian tech services giant Infosys.
Data Leaked: The stolen data includes:
Names
Social Security numbers
States of residence
Bank accounts and routing numbers
Credit/debit card numbers (in combination with access codes, passwords, and PINs)
Dates of birth
The Implications
This database is a treasure trove for hackers, providing enough information to mount incredibly believable phishing attacks, identity theft, impersonation, wire fraud, and other scams. The breach underscores the critical need for robust cybersecurity practices and vigilance.
LockBit’s Involvement
Soon after news of the breach broke, ransomware operators LockBit claimed responsibility. LockBit is one of the world’s biggest and most dangerous ransomware-as-a-service operators. Despite previous law enforcement actions against them, LockBit swiftly returned, propping up new infrastructure and targeting new victims.
Protecting Yourself
As individuals, we must remain vigilant. Regularly monitor your financial accounts, be cautious of unsolicited communications, and promptly report any suspicious activity. Cybersecurity awareness is our best defense.
For more insights, visit our blog post: Russian Stock Exchange Hacked