Geico, the Second-largest Car Insurance provider in America, has fixed a security bug that gave access to hackers who stole customers’ driver’s license numbers from its website.
Information gathered from other sources by the Insurance company confirmed that the fraudsters gained unauthorized access to the driver’s license number of individuals through the online sales system on our website. This statement, Geico maintained, in a notification sent to the Attorney General’s Office in California.
The Insurance company is yet to confirm how many policies were hacked into by the breach. However, the driver’s license numbers that the fraudsters had accessed to were the ones between January 21 and March 1.
According to a spokesperson at Geico, “We have reason to believe that this information could be used to fraudulently apply for unemployment benefits in your name. If you receive any mailings from your state’s unemployment agency/department, please review them carefully and contact that agency/department if there is any chance fraud is being committed,”
This seems to be the newly devised Cybercrime by fraudsters. They target government agencies using stolen identities or data to commit fraud.
To get a driver’s license number, fraudsters take public or previously breached data and exploit weaknesses in motor insurance sites to obtain a customer’s driver’s license number. That gives fraudsters the ability to obtain unemployment benefits on behalf of someone else.
This same crime happened earlier this year with San Francisco’s Metromile. The Insurance startup admitted a bug on its website which was used to obtain driver’s license numbers for six months before it was fixed in January.
If you’ve received correspondence from your state government and haven’t filed for unemployment benefits, there’s a good chance your personal data may have been used fraudulently.
There are two responses by Geico that confirm why they are worthy of recommendation. They found out the data breach and quickly took action by;
1). Securing the website and adding additional safeguards to prevent further fraud or illegal activities.
2). Alerting the Attorney General of the State.
It’s no doubt they are the next to number one Insurance company in the United States. Geico is offering a free one-year subscription to an identity protection service to customers who were affected. The company has urged them to report (as fraud) any unexpected mailings they might receive from their state’s unemployment agency.
