Tue | Jun 18, 2024 | 5:33 AM PDT

Globe Life Inc., a major life insurance provider, disclosed in a recent SEC filing that it is investigating a security breach involving unauthorized access to consumer and policyholder information through a company web portal.

In the June 13th filing, Christopher T. Moore, Globe Life's Corporate Senior Vice President, Associate Counsel, and Corporate Secretary, stated that following an inquiry from a state insurance regulator, the company "initiated a review of potential vulnerabilities related to access permissions and user identity management for a Company web portal that likely resulted in unauthorized access to certain consumer and policyholder information."

Moore said Globe Life immediately removed external access to the affected portal upon being notified of the circumstances. While the company said it believes the issue is confined to this single portal and that overall operations will not be significantly impacted, an investigation aided by leading security experts is ongoing to understand the full scope and impact.

As of the filing date, Globe Life had not determined whether the incident qualifies as a material cybersecurity event required to be disclosed under SEC regulations. However, cybersecurity experts warn that such breaches require thorough remediation beyond just taking systems offline.

[RELATED: SEC Provides Clarity on Disclosing Material vs. Non-Material Cyber Incidents]

"Taking affected systems offline is a critical first step to containing any breach; however, it is not an all-encompassing solution, and continued remediation efforts will be necessary," said Anne Cutler, Cybersecurity Evangelist at Keeper Security. "Globe Life must conduct thorough analysis of its systems to rule out any lateral movement and implement comprehensive network monitoring to understand the full extent of the breach."

Jason Soroko, Senior Vice President of Product at Sectigo, notes that currently available details are insufficient to determine if further movements within Globe Life's networks were made. "It is unclear whether the vulnerability allowed access to the underlying system and enabled lateral movement," he said.

While Globe Life has not reported any material operational impact yet, the company's quick disclosure and action to disable the affected portal has drawn praise. However, cybersecurity experts emphasize that comprehensive investigation and remediation efforts are critical to ensure no lingering vulnerabilities or unauthorized access paths remain.

As cyber threats continue to evolve, this latest incident underscores the importance of robust identity management, access controls, and continuous monitoring to safeguard sensitive stakeholder data for all organizations.

Follow SecureWorld News for more stories related to cybersecurity.