The New York Attorney General’s office has imposed a $9.75 million fine on Geico for a data breach that exposed the personal information of 116,000 New York drivers. The breach occurred during the COVID-19 pandemic, a period marked by a surge in cyberattacks targeting sensitive personal data.
The investigation revealed that Geico and Travelers Indemnity Company failed to implement adequate security measures to protect customer information. Both companies were found to be in violation of New York’s data protection laws.
The compromised data included information such as driver’s license numbers, which cybercriminals often utilize to perpetrate fraudulent activities, including filing fraudulent unemployment claims.
In addition to the fine, Geico has agreed to implement enhanced cybersecurity measures to safeguard customer data in the future. Travelers Indemnity Company has also been fined $1.55 million for a separate data breach that affected approximately 4,000 individuals.
Both companies have acknowledged the importance of data security and have taken steps to strengthen their cybersecurity infrastructure. Geico has reported the breach to the relevant authorities and invested heavily in improving its security measures.
This incident serves as a stark reminder of the increasing threat of cyberattacks and the importance of robust data protection measures. As cybercriminals continue to evolve their tactics, companies must remain vigilant and invest in advanced security technologies to safeguard sensitive customer information.