EMC National Life Co. has contacted an undetermined number of customers regarding a phishing incident that could have resulted in unauthorized parties gaining access to personal information.
The arm of Des Moines-based EMC Insurance Cos. began a “prompt and thorough” investigation upon learning of an issue with an employee’s email account, according to a March 3 letter mailed to customers and viewed by The Gazette.
Following the investigation, on Feb. 3, EMC National Life determined that the email account had been accessed between Dec. 8 and 9 through a phishing incident.
EMC National Life mailed written notice of the incident to a “limited” and undisclosed number of individuals with personal information contained in the access email account, confirmed Sarah Buckley, EMC Insurance Cos.’ director of community involvement.
The personal information in the email account included customers’ full names and Social Security numbers. EMC National Life has “no evidence that any of the information has been misused,” according to its letter.
The insurance company has offered free credit monitoring services through Experian to customers whose Social Security numbers were contained in the email account.
Notified individuals also were alerted as to ways they could protect their personal information, including by placing fraud alerts or security freezes on their credit reports, and receiving free credit reports to review to fraudulent activity.
ARTICLE CONTINUES BELOW ADVERTISEMENT
The phishing incident was isolated to EMC National Life’s email system, with EMC Insurance Cos.’ property and casualty operations — maintained on segregated systems — left unscathed, Buckley said.
Following the incident, EMC National Life has tightened security around its Microsoft Office 365 environment and implemented two-factor authentication, Buckley said.
Comments: (319) 398-8366; firstname.lastname@example.org