Top Cybersecurity Breaches in the Insurance Industry: Lessons Learned from the Biggest Hacks

Top cybersecurity breaches in insurance (2015-2025): Learn from Anthem, Progressive hacks. Key lessons & how Gonzalez Insurance cyber solutions protect your business.

The insurance industry is a prime target for cybercriminal vaunts because it manages vast amounts of highly sensitive personal financial information and medical records. Over the decade that just elapsed, major breaches have revealed weaknesses in long-established organizations and caused consumer trust to diminish. The scars associated with financial losses and legal battles are very deep indeed. An analysis revealing the antecedent major cybersecurity events from 2015 to 2025 is a raw opportunity for businesses to discern essential vulnerabilities so as to implement measures of defense. This blog presents five of the most noteworthy breaches with their consequences and ways forward with practical lessons against future attacks.

Major Breach Case Studies (2015–2025)

1. Anthem (2015, Health Insurer)

How many accounts were compromised?

The breach impacted data related to approximately 80 million individuals, making it the largest health data breach in U.S. history.

What data was leaked?

The exposed information included social security numbers, birth dates, income data, street addresses, email addresses, and employment details (e.g., job titles and employers).

How was Anthem hacked?

Cyber attackers penetrated Anthem’s IT system through the exploitation of an e-mail spear phishing―an attack vector directed at an Anthem subsidiary. Later on, the database administrator found his credentials used without his authorization. From December 2, 2014, to January 27, 2015, the hackers were able to steal electronic protected health information (ePHI), showing how deficient the company was in employee training and credential management.

2. Progressive Casualty Insurance (2023, P&C Insurer)

How many accounts were compromised?

The breach impacted approximately 347,000 individuals.

What data was leaked?

Exposed information comprised names, postal addresses, driver’s license numbers, email addresses, telephone numbers, social security numbers, dates of birth, bank routing numbers, and checking account numbers.

How was Progressive hacked?

Unauthorized persons made use of access credentials improperly shared by one of the third-party vendors, thereby, highlighting the risks associated with improper vendor control. A punitive consumer class-action suit was filed, charging negligence in the protection of consumer data.

3. Landmark Admin (2024, Life Insurance TPA)

How many accounts were compromised?

The breach impacted producers, insured individuals, policy owners, and beneficiaries. The exact number of compromised accounts remains undisclosed, as Landmark continues notifying affected individuals.

What data was leaked?

Some of the names, addresses, social security numbers, tax identification numbers, driver’s license numbers, passport numbers, financial account information, medical histories, birth dates, health insurance policy numbers, and life/annuity policy information may have been exposed potentially.

How was Landmark hacked?

On 13th May 2024, some suspicious activities were detected in the IT infrastructure of Landmark. The next relevant day, unauthorized access was confirmed. The affected systems were disconnected, and remote access was discontinued as further assistance from cybersecurity experts continued for investigation purposes.

4. New Era Life Insurance (2024, Life & Health Insurer)

How many accounts were compromised?

The breach exposed the protected health information (PHI) of 335,506 people across the Midwest, Philadelphia American Life, and New Era Life branches.

What data was leaked?

Stolen data included names, insurance IDs, birth dates, social security numbers, and treatment data.

How was New Era Life hacked?

Threat actors copied files from systems between December 9 and 18, 2024, despite the swift isolation of affected networks. Third-party experts confirmed unauthorized access to agent, policyholder, and partner data.

5. Globe Life/American Income Life (2024, Life Insurer)

How many accounts were compromised?

Approximately 850,000 customers were notified after hackers breached databases maintained by independent agency owners.

What data was leaked?

Accessed information included names, email addresses, phone numbers, postal addresses, social security numbers, health data, and insurance policy details.

How was Globe Life hacked?

In October 2024, hackers breached databases at independent agencies, later attempting to extort the company. While only 5,000 individuals were confirmed affected, Globe Life proactively notified 850,000 customers.

Lessons Learned

  • Third-Party Risk is Paramount: Progressive and Globe Life’s breaches underscore the dangers of relying on third parties with weak security practices. Partners and vendors are required to follow strict cybersecurity guidelines.
  • Prevent Phishing & Credential Theft: Anthem’s breach originated from a phishing attack. Regular employee training and multi-factor authentication (MFA) are critical to thwart credential-based intrusions.
  • Encrypt & Minimize Data: Landmark and New Era incidents highlight the risks of storing excessively sensitive data. Encryption and data minimization reduces the fallout of breaches.
  • Detect & Respond Quickly: Landmark’s rapid response limited damage. Continuous monitoring and incident response plans ensure swift action during attacks.
  • Leverage Cyber Insurance & Planning: Cyber insurance mitigates financial losses from breaches, covering legal fees, recovery costs, and regulatory fines.

Cyber Insurance Explained

Definition

A cyber insurance is a form of insurance specifically created to help business sectors diminish their losses due to cyberattacks or data breaches. Such insurance covers the expenses that arise in investigation, recovery, and mitigation of loss suffered in such cases.

First-Party vs Third-Party Coverage

  • First-Party: This protects your business directly from losses you incur as a result of a cyber event. Think of it as covering your own expenses.
  • Third-Party: This protects your business from claims made against you by other parties (e.g., customers, vendors, partners) who have been harmed as a result of a cyber event that originated from your organization. Think of it as protecting you from liabilities to others.

Typical Coverages

  • Data breach response
  • Business interruption
  • Data recovery
  • Cyber extortion
  • Legal liability
  • Regulatory fines and penalties

Common Exclusions

  • Pre-existing conditions
  • Failure to maintain security
  • Intentional acts
  • Infrastructure failure
  • War and terrorism
  • Intellectual property theft

Key Benefits

  • Financial protection
  • Legal and regulatory compliance
  • Reputational risk management
  • Expert assistance
  • Business continuity
  • Peace of mind

Conclusion: Why Cyber Insurance is the Ultimate Safety Net for Modern Businesses

Cyber breaches are systemic risks in the insurance industry, ranging from phishing to third-party failures; the good thing, however, is that some proactive measures can avert these threats. Perhaps equally important is investing in cyber insurance provides an adequate financial cushion against unforeseen attacks.

Gonzalez Insurance specializes in customizing cyber insurance to safeguard businesses such that the coverage is tailored specifically to your risk profile. From business interruption to data recovery, our staff analyzes your portfolio and provides solutions customized to your needs. Don’t wait for a breach to strike—contact us today to secure your business’s future.

FAQs

1.     I keep hearing about insurance companies getting hacked. Is this really that big of a problem?

Yes, it is! Insurance companies manage tons of sensitive data, making them prime targets for cybercriminals. Recent breaches, like Anthem and Progressive, show how widespread and damaging these attacks can be.

2.     What’s the deal with “third-party risk” mentioned in the blog? Should I be worried about my vendors?

Absolutely. Breaches like Progressive and Globe Life highlight how vulnerable you are if your vendors have poor security. Make sure your partners adhere to strict cybersecurity standards to protect your own data.

3.     The blog mentioned cyber insurance. Is it really worth the cost?

Definitely. Cyber insurance can cover expenses like legal fees, data recovery, and regulatory fines that result from an attack. It offers financial protection and helps you manage the fallout of a breach.

Tags: