A threat actor claims to have breached American Income Life (AIL), a prominent US-based provider of life, accident, and supplemental health insurance. The actor is offering a database for sale on a cybercrime forum, alleging it contains sensitive information exfiltrated from the company’s systems and impacts its clients.
According to the actor, the exfiltrated database contains 150,000 records of policyholders. The compromised information allegedly includes full names, policy writing numbers, phone numbers, email addresses, physical addresses, dates of birth, death benefits, gender, policy status, effective dates, premium amounts, and carrier information.
