Things are looking pretty rough for GEICO, as not only did the insurer recently suffer a data breach, but it was also discovered that the hackers responsible are using consumers’ compromised information to fraudulently apply for unemployment benefits.
The breach was first disclosed to customers in April. GEICO claimed that no other information but customers’ driver’s license numbers were leaked; at the time, it did not reveal the exact number of customers affected by the breach.
But in a recent notice sent to customers, GEICO said that a security flaw allowed malicious actors to copy the personally identifiable information (PII) of approximately 132,000 customers between January 21 and March 01.
The insurer also warned customers that the cyberattack perpetrators had also begun to abuse the information they stole.
“We determined that … fraudsters used information about you which they acquired elsewhere to obtain unauthorized access to your driver’s license number through the online system on our website,” GEICO said in the notice.
“We have reason to believe that this information could be used to fraudulently apply for unemployment benefits…