P2020-ND-143

Co-operators General Insurance Company and Co-operators Life Insurance Company

On November 18, 2019, the Organization was notified by a client that their credit card number had been used to make a fraudulent premium payment. The Organization investigated and found that the client’s credit card number was likely used by a former employee to fraudulently pay the premium on the former employee’s insurance policy. The former employee had previously held the role of insurance agent, but his employment had been terminated on July 19, 2018. Upon further investigation the Organization determined that there were a 6 separate attempts between October and December to use unique credit card numbers to make premium payments on the former employee’s insurance policy. Of those 6 attempts, 2 involved the credit card numbers of clients of the Organization, and 1 involved the credit card number of a partner of a client. Four (4) attempts were successful. The Organization has not been able to definitively conclude whether the former employee used the credit card information of others, but confirms there has been a loss of and unauthorized use of client personal information. Prior to these events, and immediately following the termination of the former employee, the Organization was aware that the former employee may have been soliciting the Organization?s clients. On August 27, 2018, the Organization?s internal investigation found that the former employee had emailed a spreadsheet containing client information to his own personal email account on July 18, 2018, and on 4 other occasions between March 1, 2017 and May 22, 2018).

File Type: pdf
Categories: 2020
Tags: Unauthorized access