The Target: Philadelphia Indemnity Insurance designs, markets, and underwrites commercial property/casualty and professional liability insurance products.
The Take: Philadelphia Indemnity launched an investigation and determined by July 9 that the stolen data included names, driver’s license numbers and dates of birth, according to the breach notice.
The Vector: An unauthorized party accessed customer data during an intrusion discovered between June 9 and June 10, according to the disclosure. The company previously called the incident a network outage, however it said there was no ransomware and no encryption.
This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.