Midland National Life Insurance Co. reported a data breach discovered in January that may have exposed customer details, including names and account numbers, according to filings with the Massachusetts Attorney General’s office.
A report filed with the attorney general confirmed that one Massachusetts customer was affected. The company did not immediately respond to requests for comment.
Midland National informed customers in a letter posted on the attorney general’s website that the breach occurred on Jan. 13, 2025. The attack targeted a web portal used by one of its agents. The insurer immediately launched an investigation, reviewing affected systems. It determined that the attacker may have accessed personal information related to life insurance and annuity policyholders.
Exposed data may include customer names, policy or contract numbers, and account values. The company stated there is no evidence of misuse or stolen funds.
After identifying the breach, Midland National said it acted immediately to stop the attack and block further unauthorized access. It is offering affected policyholders a free year of third-party identity theft protection.
In a separate breach, Globe Life Inc. expanded the number of people potentially impacted by a cyber-extortion attempt last year. The company will notify 850,000 additional individuals and provide credit monitoring services.
Globe Life previously disclosed in October that it received extortion demands from an unidentified actor threatening to release sensitive data.
According to an SEC filing, the company activated its threat response plan, working with legal and cybersecurity experts. The ongoing investigation suggests the breach may involve data from its American Life Insurance Co. subsidiary.
