A threat actor identified as ‘wangfei19860902055’ recently advertised the sale of a database related to Government Employees Insurance Company (GEICO) on a popular dark web forum. The alleged GEICO data breach incident came to light on January 14, 2024, when the threat actor posted details on the Nuovo BreachForums.
According to the information obtained, the compromised database contains 552,900 records with various personal information fields such as first name, last name, phone number, address, city, and state. The Cyber Express has attempted to contact GEICO for a statement regarding this alleged data breach. However, as of now, there has been no official response from the company, leaving the claims unconfirmed from the company’s perspective.
Breaking Down the GEICO Data Breach Claims
The threat actor posted claims of the dark web first. The alleged GEICO data leak post reads, “GEICO Private Automobile Insurance Company of America, total 552,900 entries, de-focused, all screened open WS First-hand data, see screenshot below for formatting. Sold as a whole, not split, for data security reasons. Samples are as follows.”
Moreover, this is not the first time GEICO has faced a cybersecurity incident. In August 2023, the company encountered a nationwide class action lawsuit, accusing it of compromising customer privacy through the unauthorized release of driver’s license numbers. These released numbers were later exploited by identity thieves to secure fraudulent unemployment benefits.
The GEICO Data Leak Lawsuit
The lawsuit, proceeding in the US District Court, alleges that GEICO’s practice of auto-populating driver’s license numbers during the online insurance quote process enabled criminals to breach the system between November 24, 2020, and March 1, 2021. This GEICO data breach resulted in the fraudulent application for unemployment benefits under victims’ names.
Despite the ongoing legal battle, GEICO is now facing another potential data breach, raising concerns about the company’s cybersecurity measures. It’s important to note that while the previous incident involved the release of driver’s license numbers, there is no evidence suggesting a direct correlation between the two incidents.
US District Judge Kiyo Matsumoto, who presided over the previous lawsuit, emphasized that it would be premature to dismiss GEICO’s responsibility for the plaintiffs’ injuries. The decision was based on the understanding that the data theft was part of a larger “concerted campaign by fraudsters” targeting the online quotation systems of insurance companies.
As the situation unfolds, it remains unclear whether the current data breach is linked to previous incidents. This is an ongoing story, and further updates will be provided as more information becomes available or upon any official confirmation from GEICO.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
