On July 26, 2022, insurance agency Gannon Associates reported a data breach after the company suffered an “information security incident.” According to Gannon, the breach resulted in the compromise of the full names, social security numbers and driver’s license numbers of certain individuals. After confirming the breach and identifying all affected parties, Gannon Associates began sending data breach letters to all affected parties.
If you’ve been notified of a data breach, it’s important to understand what’s at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are after the Gannon Associates data breach, please see our recent feature on the topic here.
What we know about the Gannon Associates data breach
Information about the Gannon Associates Insurance Agency data breach comes from two sources: the official notice the company filed with various state governments and a notice posted on the Gannon Associates website. Apparently, on June 14, 2022, Gannon learned that an unauthorized party may have accessed his computer system and removed certain files. In response, the company secured its computer network and launched an investigation into the incident in hopes of determining its cause and whether any user data was leaked as a result.
On June 20, 2022, Gannon Associates, with the assistance of third-party cybersecurity professionals, confirmed that an unauthorized party was able to access files on the company’s network and that the accessed files contained information belonging to Gannon Associates clients, as and to customers of “certain business customers”.
Upon discovering that sensitive user data had been accessed by an unauthorized party, Gannon Associates began a process of reviewing all affected files to determine what information was compromised and which users were affected by the incident. Although the information breached varies by individual, it may include your full name, social security number, and driver’s license number.
On July 26, 2022, Gannon Associates sent data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
More information about Gannon Associates Insurance Agency
Founded in 1973 and headquartered in Towanda, Pennsylvania, Gannon Associates Insurance Agency is an insurance company that is officially registered as Associated Insurance and Financial Services, LLC. Gannon Associates offers a wide range of insurance products to individual and business clients, including home, auto, health and business insurance policies. Gannon Associates has more than 95 employees and generates approximately $77 million in annual revenue.
What can hackers do with your information after a data breach?
Cybercriminals are constantly looking for ways to obtain users’ personal, financial and protected health information. But why? How can they benefit from your stolen information? Most people assume that identity theft or unauthorized transactions are the extent of the damage a hacker can do; however, this is not necessarily the case. Hackers have several different ways to profit from the information they obtain through a data breach. Below are some of the most common crimes that cybercriminals engage in after stealing sensitive information through a data breach.
Open credit cards or take out loans
The most obvious harm from a data breach is hackers using your information to open a new line of credit. This usually involves a hacker taking your information and applying for a new credit card or personal loan. Although a cybercriminal will need your name, date of birth, and address to carry out this type of fraud, they can often obtain this information in one of several ways. For example, a cybercriminal may be able to access additional information about you through another data breach or by doing a quick online search using the information they already have.
Withholding your tax refund
A hacker in possession of your Social Security number can file a fraudulent tax return on your behalf to intercept your tax refund. Unfortunately, victims of tax refund fraud often don’t realize they’ve been targeted until the IRS rejects their tax return because it’s already been filed. To reduce the likelihood of tax refund fraud, you should file your tax return as soon as possible.
Receive medical treatment in your name
Hackers in possession of your sensitive information may also attempt to obtain medical care on your behalf. Essentially, a criminal shows up at the doctor’s office posing as you. Not only does this leave you with the bill, but it can also cause your medical records to contain incorrect information, as the hacker’s information can be confused with your own when they provide it to the treating physician.
Open fraudulent utility bills
According to the Federal Trade Commission, 13 percent of fraud incidents in 2016 involved the creation of new phone and utility accounts. To open a utility account, a hacker only needs your name, address and social security number. This information is available through many data breaches, making it one of the easier scams to commit.
Of course, the hackers may not be perpetrating this fraud alone; they often sell your information to another criminal who then carries out the actual fraud. This allows hackers to make a quick buck and move on to the next set of victims.