Jeffrey Wade
In March 2021, Infinity Insurance Company notified an unknown number of individuals of a data security incident that occurred on December 26, 2020. The company claimed that an unauthorized party accessed files on its company servers over two days in late December. Many people took to social media to express confusion and suspicion about the validity of the notice, as they had never been customers or employees of Infinity. While some believed it was a scam, others received confirmation from Infinity representatives that the breach was real. A class-action lawsuit has since been filed against Infinity and its parent company, Kemper Corporation, alleging that they engaged in negligent and reckless conduct with respect to customers' privacy rights.
| Characteristics | Values |
|---|---|
| Date of data breach | 26 December 2020 |
| Date of notification | 16 March 2021 |
| Company servers accessed | Yes |
| Customer data accessed | Yes |
| Customer data type | Names, addresses, Social Security numbers, driver's license numbers, medical leave details, and workers' compensation claim data |
| Class action lawsuit | Yes |
| Company response | One year of credit monitoring services |
| Company contact number | 877-316-0057 |
| Scam suspicion | Yes |
Explore related products
What You'll Learn
- Infinity Insurance Company notified an unknown number of people about a data breach
- The breach occurred on December 26, 2020, and was announced in March 2021
- A proposed class action lawsuit has been filed against Infinity and Kemper Corporation
- Some believe the breach notification letters are a scam
- A second data breach was announced in May 2021
Infinity Insurance Company notified an unknown number of people about a data breach
On March 16, 2021, Infinity Insurance Company notified an unknown number of individuals about a data security incident that occurred on December 26, 2020. The company claimed that an unauthorized party accessed files on certain company servers in their network over two days in late December. The notice included an offer for one year of credit monitoring services. However, many people complained about the provided information line not working reliably and expressed frustration about being unable to obtain useful information.
While some suspected the data breach notification to be a scam, others confirmed its legitimacy. Several individuals who received the notice had never been customers or employees of Infinity, leading them to question the validity of the situation. However, some people contacted Infinity Insurance directly (rather than using the number provided in the letter) and confirmed the data breach with company representatives.
The data breach exposed sensitive information, including customers' and employees' names, addresses, Social Security numbers, driver's license numbers, medical leave details, and workers' compensation claim data. A lawsuit was filed against Infinity Insurance and its parent company, Kemper Corporation, alleging that the breach occurred due to their negligent and careless acts and omissions and their failure to protect customers' personally identifiable information (PII).
On May 25, 2021, Infinity Insurance Company notified an unknown number of individuals of another data security incident that occurred between January 7, 2021, and April 4, 2021. This second breach involved unauthorized access to applications used to obtain online auto insurance quotes. An unauthorized party submitted applications using information obtained elsewhere, potentially compromising sensitive data.
Health and Sickness: Impact on Life Insurance Eligibility
You may want to see also
Explore related products
The breach occurred on December 26, 2020, and was announced in March 2021
On 16 March 2021, Infinity Insurance Company (also known as Infinity) notified an unknown number of individuals of a data security incident. The breach occurred on 26 December 2020, and was announced in March 2021.
The company claimed that an unauthorized party accessed files on certain company servers in their network over two days in late December. The notice included an offer of one year of credit monitoring services.
Many people were concerned about the potential fraud and questioned the validity of the situation, as some who received the letter had never been customers or employees of Infinity. Some suspected a phishing scam designed to expose personal details.
However, some individuals confirmed the breach by calling Infinity's direct phone line, and the data breach was reported to and listed on the website of the Attorney General for the State of California.
A lawsuit was filed against Infinity and its parent company, Kemper Corporation, alleging that the breach occurred due to the defendants' negligent, careless, and reckless conduct, resulting in increased risk of identity theft and fraud for those affected.
Life Insurance: Extra Cover, Extra Worth?
You may want to see also
Explore related products
A proposed class action lawsuit has been filed against Infinity and Kemper Corporation
On March 16, 2021, Infinity Insurance Company notified an unknown number of individuals of a data security incident that occurred on December 26, 2020. The company claimed that an unauthorized party had accessed files on certain company servers in their network over two days in late December. Many people took to social media to express their confusion and suspicions of potential fraud, as the formal notice lacked details, and many who received it had never been customers or employees of Infinity.
In response to this data breach, a proposed class action lawsuit has been filed against Infinity and its parent company, Kemper Corporation. The lawsuit, which originated in Illinois, alleges that the breach occurred due to the defendants' "negligent and/or careless acts and omissions" and their failure to protect customers' personally identifiable information (PII). The case contends that Infinity and Kemper failed to implement adequate data security measures, resulting in injuries to those affected, such as lost time and an increased risk of identity theft and fraud.
The lawsuit further claims that the defendants "knew, or reasonably should have known" of the importance of safeguarding customers' and employees' information and the potential consequences of a data breach, including the financial impact on those affected. It accuses Infinity and Kemper of engaging in "negligent, knowing and willful, and/or wanton and reckless" conduct concerning the proposed class members' privacy rights.
The proposed class action lawsuit seeks to compensate data breach victims, and those covered by the settlement, referred to as class members, should have already been notified via email or mail with a unique code. Class members are automatically included in the class unless they choose to opt out, and no further action is required from them during the litigation process. If the lawsuit succeeds, all class members will receive equal compensation, regardless of the extent of the harm they suffered.
Life Insurance: When to Buy for Peace of Mind
You may want to see also
Explore related products
Some believe the breach notification letters are a scam
On March 16, 2021, Infinity Insurance Company notified an unknown number of individuals of a data security incident that occurred on December 26, 2020. The company claimed that an unauthorized party accessed files on its servers over two days in late December. However, the breach notification letters sparked concerns among some recipients, who suspected them to be a scam.
Several individuals expressed doubts about the legitimacy of the letters, as they had never been customers or employees of Infinity Insurance. The absence of the company's logo and the use of generic envelopes raised suspicions. Some people received letters with outdated personal information, such as former names or addresses, further fueling concerns about a potential scam. The included phone number was also unreliable, with many people experiencing difficulties reaching the company or obtaining useful information.
The vague language used in the letters and the lack of detailed information about the data breach contributed to the skepticism. Some recipients found the content of the letters to be evasive and unclear, raising questions about the nature and extent of the security breach. The letters' focus on a "security breach" on unspecified servers seemed like a vague attempt to elicit a response.
The timing and context of the letters also played a role in the scam suspicions. Some individuals reported receiving the letters shortly after experiencing potential identity theft or fraud incidents. For example, one person shared that someone had used their personal information to file for unemployment benefits, raising concerns about the timing of the breach notification letter.
While some people dismissed the letters as scams, others took a more cautious approach. A few individuals recommended contacting Infinity Insurance directly through their official contact channels or visiting their website instead of using the potentially suspicious phone number provided in the letter. They emphasized the importance of verifying the information through legitimate sources to ensure the protection of their personal information.
Group Insurance: Term Life Insurance for Employers
You may want to see also
Explore related products
A second data breach was announced in May 2021
On May 25, 2021, Infinity Insurance Company announced another data security incident that took place between January 7, 2021, and April 4, 2021. This was the second data breach announced by the company in 2021, following a previous breach that occurred on December 26, 2020.
The May 2021 data breach involved applications used by insurance agents and consumers to obtain online auto insurance quotes. An unauthorized party submitted applications to obtain insurance quotes using information obtained elsewhere. This type of application typically includes sensitive data such as driver's license numbers.
The announcement of the second data breach sparked concerns among individuals who received notifications, with some questioning the legitimacy of the breach and suspecting potential fraud or a scam. It is important to note that data breaches can have significant consequences for affected individuals, including increased risks of identity theft and fraud.
While there were doubts about the legitimacy of the breach notifications, it is important to take data breaches seriously and remain vigilant about protecting personal information. Individuals who believe they may have been impacted by the Infinity Insurance data breach are advised to take proactive steps to secure their personal information and monitor their accounts and credit reports for any suspicious activity.
Affected individuals may also consider seeking legal advice or joining class-action lawsuits to seek compensation and accountability for the breach. It is crucial to prioritize the security and privacy of personal information to mitigate the potential harm caused by data breaches.
How to Apply for Life Insurance on Someone Else's Behalf
You may want to see also
Frequently asked questions
Yes, Infinity Insurance Company (Infinity) notified an unknown number of individuals of a data security incident that occurred on December 26, 2020. The company claimed that an unauthorized party accessed files on its company servers.
The lawsuit alleges that exposed in the incident were customers' and employees' names, addresses, Social Security numbers, driver's license numbers, medical leave details, and workers' compensation claim data.
While many people suspected the data breach to be a scam due to inconsistencies in the notification letters, it was indeed a legitimate breach.
