More than 32,000 Delaware agents, policyholders, beneficiaries impacted
DE | Following the receipt of additional data breach reports from insurers, including those related to the breach of the MOVEit file transfer services system used by third-party vendors, the Delaware Department of Insurance is updating this consumer alert and will be updating the online posting as information is received.
Residents who may be agents, policyholders, or beneficiaries of the following insurers should be aware that their personal data may have been compromised, and should watch for contact:
| Company Name(s) | Potential Delawareans Impacted |
| Teachers Insurance and Annuity Assoc. | 8,799 |
| Genworth Financial | 8,000 |
| Wilton Reassurance Company Wilton Reassurance Life Co. of NY Wilcac Life Insurance Co. Texas Life Insurance Co. | 5,489 |
| Highmark Blue Cross Blue Shield Delaware | 4,128 |
| MassMutual Ascend Life Insurance Co. Annuity Investors Life Insurance Co. Manhattan National Life Insurance Co. | 3,123 |
| The Independent Order of Foresters | 1,539 |
| Humana | 1,288 |
| Fidelity Life Assoc. | 1,193 |
| Talcott Resolution Life Insurance Co. Talcott Resolution Life and Annuity Ins. Co. | 643 |
| RiverSource Life Insurance Co. | 459 |
| TransAmerica Life Insurance Co. | 253 |
| Athene Annuity & Life Assurance Co. | 206 |
| Brighthouse Life Insurance Co. | 151 |
As shared during a June 26 consumer alert, the MOVEit data breach and other data security events trigger Delaware’s Insurance Data Security Act, which in addition to proactive data security measures and other requirements, mandates the following occur:
- Investigation of a cybersecurity event and correction of compromised information systems
- Detailed reporting to the Insurance Commissioner
- Notification to consumers within 60 days, except in cases where federal law or law enforcement agencies require or request modified timelines
Consumers must be provided credit monitoring services at no cost for a period of at least one year in addition to receiving information regarding freezing one’s credit
Insurance Commissioner Trinidad Navarro encouraged consumers to protect their identities and reassured residents that the breach will be investigated thoroughly. “I take any breach of personal information very seriously, and encourage consumers affected to utilize the identity and credit protection services offered. Our Market Conduct staff, likely alongside investigators across the country, will work to investigate the situation and assess if appropriate safeguards were in place for the handling of data.”
The department worked with the General Assembly in 2019 to pass the Insurance Data Security Act and was one of the first states to implement the National Association of Insurance Commissioner’s model law. The law is an effort to fortify security measures and protect consumer data. It requires insurance companies and their vendors to follow certain data protection and breach protocols, including notification. The department may investigate violations of the Act and levy penalties accordingly.
Consumers should consider freezing their credit report due to the incident.
[Last Update: July 25, 2023 – Three insurers added]