A threat actor identified as ‘wangfei19860902055’ recently advertised the sale of a database related to Government Employees Insurance Company (GEICO) on a popular dark web forum. The alleged GEICO data breach incident came to light on January 14, 2024, when the threat actor posted details on the Nuovo BreachForums.
According to the information obtained, the compromised database contains 552,900 records with various personal information fields such as first name, last name, phone number, address, city, and state. The Cyber Express has attempted to contact GEICO for a statement regarding this alleged data breach. However, as of now, there has been no official response from the company, leaving the claims unconfirmed from the company’s perspective.
The threat actor posted claims of the dark web first. The alleged GEICO data leak post reads, “GEICO Private Automobile Insurance Company of America, total 552,900 entries, de-focused, all screened open WS First-hand data, see screenshot below for formatting. Sold as a whole, not split, for data security reasons. Samples are as follows.”
Moreover, this is not the first time GEICO has faced a cybersecurity incident. In August 2023, the company encountered a nationwide class action lawsuit, accusing it of compromising customer privacy through the unauthorized release of driver’s license numbers. These released numbers were later exploited by identity thieves to secure fraudulent unemployment benefits.
The lawsuit, proceeding in the US District Court, alleges that GEICO’s practice of auto-populating driver’s license numbers during the online insurance quote process enabled criminals to breach the system between November 24, 2020, and March 1, 2021. This GEICO data breach resulted in the fraudulent application for unemployment benefits under victims’ names.
Despite the ongoing legal battle, GEICO is now facing another potential data breach, raising concerns about the company’s cybersecurity measures. It’s important to note that while the previous incident involved the release of driver’s license numbers, there is no evidence suggesting a direct correlation between the two incidents.
US District Judge Kiyo Matsumoto, who presided over the previous lawsuit, emphasized that it would be premature to dismiss GEICO’s responsibility for the plaintiffs’ injuries. The decision was based on the understanding that the data theft was part of a larger “concerted campaign by fraudsters” targeting the online quotation systems of insurance companies.
As the situation unfolds, it remains unclear whether the current data breach is linked to previous incidents. This is an ongoing story, and further updates will be provided as more information becomes available or upon any official confirmation from GEICO.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
Cyble researchers have identified a sophisticated attack campaign that uses obfuscation, a unique User Account Control (UAC) bypass and other…
The CL0P ransomware group appears to be targeting internet-facing Gladinet CentreStack file servers in its latest extortion campaign. The Curated…
The University of Sydney cyberattack exposed staff, student, and alumni data. Notifications and support services have been initiated.
ET Edge names Cyble CEO Beenu Arora an Impactful CEO 2025, recognizing his leadership in AI-powered cybersecurity and digital trust.
Denmark blames Russia for cyberattacks on critical infrastructure and election websites, signaling an ongoing hybrid threat in Europe.
The Indian cyber insurance market is undergoing significant transformation in response to the DPDP Act and evolving threat landscape.
This website uses cookies. By continuing to use this website you are giving consent to cookies being used.
Read More