Geico Data Breach Class Action Lawsuit
Plaintiffs in California have filed a complaint following a large Geico data breach incident in which customers’ driver’s license numbers were compromised. Accessing such information may allow for bad actors to sell the information on, or fraudulently apply for unemployment benefits.
Geico’s manager of data privacy said that between January 21 and March 1, 2021, hackers accessed driver’s license numbers through Geico’s online sales platform. Personal data has often been compromised in these types of hacks, including home addresses, VINs, and driver’s license details.
The Geico data breach is concerning because the leaked personal information may lead to identity theft and other fraudulent activity that may follow victims for years. The insurer did not immediately specify how many consumers were affected. The notice also fails to indicate what states might have been affected.
Once driver’s license information is leaked, criminals can use it to manufacture fake IDs or exploit the information in more elaborate ways. Unemployment benefits fraud appears to be a motive in the Geico data breach, though scammers can abuse personal information in many other manners. Cybercriminals have been known to steal sensitive data and find ways to wire money to fraudulent accounts.
Victims should remain vigilant for many months after any breach. After data theft incidents, criminals are known to wait in the wings and keep information on file. Sometimes stolen data appears for sale on underground forums and the dark web months after hackers feel they have exhausted their own use for it.
The Internal Revenue Service (IRS) has reported a surge in fraudulent unemployment claims, ostensibly filed by organized crime rings. Recent data found that suspicious unemployment-related emails grew immensely since late February. States have paid out millions to scammers, and the Department of Labor estimates that fraudulent unemployment claims accounted for up to 10 percent of all filings.
Geico has since announced that the security bug is fixed, though customers may still be at risk, and are urged to change passwords. The company said in a statement that customers should carefully review any mailings from an unemployment agency. The auto insurance giant has added security measures to help prevent future fraud, and is offering a subscription to IdentityForce, an identity theft protection service.