Geico, a US-based auto insurance company has disclosed a data breach incident affecting their customers’ driver’s license numbers. This was caused due to a bug which was now patched. In its notification, Geico didn’t mention the number of customers affected and the scope of the breach. It’s expected that fraudsters may exploit them for availing fake unemployment benefits.
Geico Data Breach Leaking Driver’s License Numbers
Geico is the second-largest US auto insurer, governed by Berkshire Hathaway and having over 40,000 employees. The company has recently disclosed a data breach incident affecting an unknown number of its customers. The details breached in this incident are the customers’ driver’s license numbers.
These are adequately sensitive as driver license numbers are one of the major identifying elements in applying for any government grants, like unemployment benefits. Cybersecurity experts and Geico have warned about similar risks of fraudsters obtaining the data.
In its regulatory filing with California’s State Attorney General, Geico revealed that fraudsters had accessed the details between January 21st to March 1st. The bug, which led them to access the details is now patched.
Geico also said that the information obtained was “through the online sales system on our website.” Also, there’s a “reason to believe that this information could be used to fraudulently apply for unemployment benefits in your name.” Throughout, Geico didn’t specifically mention the number of customers affected by this incident, and the scope of it.
As reporting to the authorities require an incident to be affecting at least 500 people, it’s safe to assume that at least 500 customers of Geico were affected by this breach, and it’s unsure if customers outside California too were affected.