In August 2023, Pacific Guardian Life Insurance Co. Ltd. experienced a cybersecurity incident that exposed sensitive personal information of customers, including names, Social Security numbers, financial account details, payment card information, dates of birth, and medical records. The breach led to a $2 million class-action settlement, with affected individuals eligible for reimbursements (up to $2,000 for documented losses) or alternative cash payments ($50–$20). The lawsuit alleged negligence, breach of contract, privacy violations, and non-compliance with Hawaii law, though the company denied wrongdoing. The exposed data poses risks of identity theft, financial fraud, and privacy invasions, with long-term credit monitoring offered to mitigate harm. The incident underscores failures in data protection, resulting in legal, financial, and reputational consequences for the insurer.
Source: https://www.claimdepot.com/settlements/pgli-data-breach
TPRM report: https://www.rankiteo.com/company/pacific-guardian-life
"id": "pac0302503102325",
"linkid": "pacific-guardian-life",
"type": "Breach",
"date": "8/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Class members who received '
'breach notification (exact '
'number unspecified)',
'industry': 'Insurance',
'location': 'Hawaii, USA',
'name': 'Pacific Guardian Life Insurance Co. Ltd.',
'type': 'Insurance Company'}],
'customer_advisories': ['Breach notification letters',
'Settlement claim instructions (online and mail-in '
'forms)',
'Credit monitoring enrollment details'],
'data_breach': {'data_exfiltration': 'Likely (data compromised in breach)',
'personally_identifiable_information': ['Names',
'Social Security '
'numbers',
'Dates of birth'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Financial Data',
'Medical Information']},
'date_detected': '2023-08-01',
'description': 'Pacific Guardian Life Insurance Co. Ltd. agreed to pay $2 '
'million to resolve a class action lawsuit alleging a data '
'breach in August 2023 exposed sensitive personal information, '
'including names, Social Security numbers, financial account '
'details, payment card information, dates of birth, and '
'medical information. The breach led to a settlement offering '
'affected consumers up to $2,020 in reimbursements or '
'alternative cash payments, along with two years of free '
'credit monitoring.',
'impact': {'brand_reputation_impact': 'Negative (lawsuit and settlement)',
'customer_complaints': 'Class action lawsuit filed',
'data_compromised': ['Names',
'Social Security numbers',
'Financial account details',
'Payment card information',
'Dates of birth',
'Medical information'],
'financial_loss': '$2,000,000 (settlement fund)',
'identity_theft_risk': 'High (PII and financial data exposed)',
'legal_liabilities': ['Negligence',
'Breach of implied contract',
'Unjust enrichment',
'Invasion of privacy',
'Violations of Hawaii law'],
'payment_information_risk': 'High (payment card and financial '
'account details exposed)'},
'investigation_status': 'Resolved (settlement reached)',
'post_incident_analysis': {'corrective_actions': ['$2M settlement fund for '
'affected individuals',
'Two years of free credit '
'monitoring for class '
'members'],
'root_causes': ['Alleged failure to adequately '
'protect customer data']},
'references': [{'source': 'Class Action Settlement Notice'},
{'source': 'Settlement Administrator (Pacific Guardian Life '
'Insurance Cybersecurity Incident Claims '
'Administrator)'}],
'regulatory_compliance': {'legal_actions': ['Class action lawsuit',
'Settlement agreement'],
'regulations_violated': ['Hawaii state laws',
'California '
'Confidentiality of '
'Medical Information Act '
'(CMIA) for California '
'residents']},
'response': {'communication_strategy': ['Breach notification letters to '
'affected individuals',
'Class action settlement '
'communications']},
'stakeholder_advisories': ['Settlement notices sent to affected class members',
'Public disclosure of settlement terms'],
'title': 'Pacific Guardian Life Insurance $2M Data Breach Settlement',
'type': ['Data Breach', 'Class Action Lawsuit']}