On July 26, 2022, Gannon Associates Insurance Agency reported a data breach after the company experienced an “information security incident.” According to Gannon, the breach resulted in the full names, Social Security numbers and driver’s license numbers of certain individuals being compromised. After confirming the breach and identifying all affected parties, Gannon Associates began sending out data breach letters to all affected parties.
If you received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the Gannon Associates data breach, please see our recent piece on the topic here.
What We Know About the Gannon Associates Data Breach
The information about the Gannon Associates Insurance Agency data breach comes from two sources: the official notice the company filed with various state governments and a notice posted on the Gannon Associates website. Obviously, on June 14, 2022, Gannon learned that an unauthorized party may have gained access to its computer system and may have removed certain files. In response, the company secured its computer network and launched an investigation into the incident in hopes of determining its cause as well as whether any consumer data was leaked as a result.
On June 20, 2022, Gannon Associates, with the assistance of third-party cybersecurity specialists, confirmed that the unauthorized party was able to access files on the company’s network and that the accessible files contained information belonging to Gannon Associates customers as well as customers of “certain business customers.”
Upon discovering that sensitive consumer data was accessible to an unauthorized party, Gannon Associates began the process of reviewing all affected files to determine what information was compromised and which consumers were impacted by the incident. While the breached information varies depending on the individual, it may include your full name, Social Security number and driver’s license number.
On July 26, 2022, Gannon Associates sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
More Information About Gannon Associates Insurance Agency
Founded in 1973 and headquartered in Towanda, Pennsylvania, Gannon Associates Insurance Agency is an insurance company that is officially registered under the name Associated Insurance and Financial Services, LLC. Gannon Associates offers a wide range of insurance products to individual and business clients, including home, auto, health, and business insurance policies. Gannon Associates employs more than 95 people and generates approximately $77 million in annual revenue.
What Can Hackers Do with Your Information Following a Data Breach?
Cybercriminals are constantly on the lookout for ways to obtain consumers’ personal, financial and protected health information. But why? How can they profit off of your stolen information? Most people assume that identity theft or unauthorized transactions are the extent of the damage a hacker can cause; however, that is not necessarily the case. Hackers have a few different ways to profit off of the information they obtain through a data breach. Below are a few of the most common crimes cybercriminals engage in after stealing sensitive information through a data breach.
Open Credit Cards or Take Out Loans
The most obvious harm of a data breach is that hackers use your information to open up a new line of credit. Usually, this involves a hacker taking your information and applying for a new credit card or personal loan. While a cybercriminal would need your name, date of birth, and address, to perpetrate this type of fraud, they can often obtain this information in one of several ways. For example, a cybercriminal may have access to additional information about you through another data breach or by conducting a quick online search using the information they already have.
Intercept Your Tax Refund
A hacker in possession of your Social Security number can file a fraudulent tax return on your behalf to intercept your tax refund. Unfortunately, victims of tax refund fraud often don’t realize they’ve been targeted until the IRS rejects their tax return because it’s already been filed. To decrease the likelihood of tax refund fraud, you should file your tax return as soon as possible.
Receive Medical Treatment in Your Name
Hackers possessing your sensitive information may also try to obtain medical care in your name. Essentially, a criminal shows up at the doctor’s office pretending to be you. This not only leaves you with the bill, but can also cause your medical records to contain incorrect information, as the hacker’s information may get mixed up with your own when they provide it to the treating physician.
Open Fraudulent Utility Accounts
According to the Federal Trade Commission, 13 percent of fraud incidents in 2016 involved the creation of new phone and utility accounts. To open up a utility account, a hacker needs only your name, address and Social Security number. This information is available through many data breaches, making it one of the easier frauds to perpetrate.
Of course, hackers may not conduct this fraud themselves; they often sell your information to another criminal who then carries out the actual fraud. This enables hackers to make a quick buck and move on to the next set of victims.