566,217 Customers of Bankers Life Impacted by Data Breach

Bankers Life, based in Chicago, is a health insurance company and the largest division of CNO Financial Group Inc. Between May 30 to September 13, 2018, hackers gained access to Bankers Life systems and potentially accessed the personal data of over 500,000 individuals.

Bankers Life provides insurance services to consumers, including medical insurance, long term care insurance and Medicare supplemental insurance. Bankers Life became aware of the breach on August 7, 2018.

The personal data of some employees and customers was potentially accessed. A ‘limited group’ of customers had their names, driver’s license numbers, Social Security numbers, state identification numbers, bank account numbers, medication details, diagnoses, and treatment data compromised. The protected health information (PHI) of a bigger group of clients was also possibly viewed by the hackers . For this group, the information was limited to names, addresses, birth dates, insurance type, insurance policy numbers, premium amounts, service dates, amount of claims, and their Social Security numbers’ last four digits.

Bankers Life engaged the help of a third-party computer forensics expert to investigate the breach and find out how the hackers accessed its systems. The insurance company did not disclose to the public details of exact nature o the attack and neither how access to its systems was gained.

Bankers Life has responded to the breach by implementing additional security controls and increasing monitoring of access to its systems.

The announcement regarding the breach was deferred upon the request of law enforcement. Notifications have now been sent to affected customers, who have been offered complimentary identity theft repair and credit monitoring services.

HIPAA
Compliance
Checklist

Simple Guidelines
Immediate PDF Download

Immediate Access

Privacy Policy

Bankers Life has submitted a breach report to the Department of Health and Human Services’ Office for Civil Rights. The OCR breach report indicates 566,217 customers have been affected.

About Liam Johnson
Liam Johnson has produced articles about HIPAA for several years. He has extensive experience in healthcare privacy and security. With a deep understanding of the complex legal and regulatory landscape surrounding patient data protection, Liam has dedicated his career to helping organizations navigate the intricacies of HIPAA compliance. Liam focusses on the challenges faced by healthcare providers, insurance companies, and business associates in complying with HIPAA regulations. Liam has been published in leading healthcare publications, including The HIPAA Journal. Liam was appointed Editor-in-Chief of The HIPAA Guide in 2023. Contact Liam via LinkedIn: https://www.linkedin.com/in/liamhipaa/