A major data breach has exposed sensitive information of American National Insurance Company (ANICO) customers and employees, with over 279,000 records discovered on an online forum.
SafetyDetectives' cybersecurity researchers found a database containing 279,332 lines of ANICO customer and employee data posted on Breach Forums. The leaked information includes customer account details, personal identification data, policy information, and employee records.
The exposed customer data contains account IDs, email addresses, full names, dates of birth, contact information, physical addresses, and policy details. Employee information includes agent names, email addresses, and years of service data.
While ANICO acknowledged being impacted by an attack involving the MOVEit file transfer application, the company has not explicitly confirmed if this leaked data is connected to that incident. The Cl0p ransomware group, known for exploiting MOVEit vulnerabilities, had previously listed ANICO as a target in August 2023.
A separate report by Console & Associates suggests the breach may have also exposed Social Security numbers, financial records, and medical information, though this has not been independently verified in the forum data.
The Texas-based insurance company, which employs over 4,600 people and generates approximately $1.1 billion in annual revenue, is investigating the incident.
Security experts recommend that potentially affected individuals:
- Change passwords and enable two-factor authentication
- Watch for suspicious emails and messages
- Monitor financial accounts for unauthorized activity
- Report any suspected identity theft to authorities
- Review and update privacy settings on online accounts
The data remains available for download on the forum, highlighting ongoing security concerns for affected customers and employees.