Sensitive information belonging to tens of thousands of Fidelity Investments Life Insurance customers was stolen, allegedly thanks to a supply chain attack that occurred in 2023.
The insurance giant has filed a data breach notification with the Maine attorney general's office claiming that 28,268 of its customers had their private data leaked after a data breach at Infosys McCamish Systems LLC, a US subsidiary. from the Indian technology services giant Infosys.
The breach, which occurred in November 2023, resulted in the theft of people's names, Social Security numbers, states of residence, bank account and routing numbers, or credit/debit card numbers in combination with the passcode , password and account PIN. and dates of birth.
LockBit's participation
This database is a true treasure trove for all hackers, providing enough information to mount incredibly credible phishing attacks, identity theft, spoofing, phishing, and a host of similar scams.
Shortly after news of the breach broke, ransomware operators LockBit took responsibility. LockBit is one of the largest and most dangerous ransomware-as-a-service operators in the world, whose affiliates are behind some of the most devastating ransomware attacks in recent times.
LockBit was also the target of Operation Cronos, a major police operation led by the UK's NCA, which occurred earlier this year. During the operation, dozens of LockBit servers were seized, stolen data was recovered, its websites were defaced, and information on nearly 200 affiliates was obtained.
However, as no arrests were made, LockBit quickly returned, shoring up new infrastructure and websites in less than a week. The website immediately featured five new victims.
In mid-January 2024, Fidelity National Financial suffered an attack in which BlackCat hackers stole data from more than one million customers.
