On January 4, 2023, OneAmerica Financial Partners, Inc. filed notice of a data breach with the Montana Attorney General after discovering an email phishing attack compromised the security of certain personal information in the company’s possession. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, Social Security numbers, account numbers, driver’s license numbers and credit or debit card numbers. After confirming that consumer data was leaked, OneAmerica began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.

If you ever had an account with OneAmerica or one of the company’s subsidiaries, your personal information may no longer be secure. As we’ve discussed in previous pieces, hackers carry out these data breaches to obtain consumers’ sensitive information that they can then use to commit a wide range of frauds—including identity theft. As a data breach victim, it is important to familiarize yourself with the steps you can take to reduce these risks, as well as what options you may have to hold OneAmerica financially responsible for leaking your information.

What We Know So Far About the OneAmerica Financial Partners Breach

The available information regarding the OneAmerica Financial Partners breach comes from the company’s filing with the Montana Attorney General. According to this source, on July 15, 2022, OneAmerica learned that phishing messages were being sent from a user’s OneAmerica email account. In response, OneAmerica initiated an investigation with the assistance of an outside cybersecurity firm in hopes of learning more about the incident, what caused it, and whether any consumer data was leaked as a result.

The OneAmerica investigation confirmed that the suspect email account had been compromised as a result of a previous phishing email. Once the hacker obtained access to the email account, they then sent phishing emails to other users from the hacked email account. At no time was the unauthorized actor able to access OneAmerica’s computer network; however, they were able to access all information contained in the compromised email account.

Upon discovering that sensitive consumer data was made available to an unauthorized party, OneAmerica Financial Partners began to review the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, Social Security number, account number, driver’s license number and credit or debit card number.

On January 4, 2023, OneAmerica Financial Partners sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.

More Information About OneAmerica Financial Partners, Inc.

Founded in 1877, OneAmerica Financial Partners, Inc. is an insurance and financial services company based in Indianapolis, Indiana. The company serves as a mutual holding organization for its subsidiaries, which include American United Life Insurance Company, The State Life Insurance Company, OneAmerica Retirement Services LLC, McCready and Keene Inc., OneAmerica Securities, Inc., Pioneer Mutual Life Insurance Company, and AUL Reinsurance Management Services, LLC. Through these companies, OneAmerica offers annuities and a variety of individual insurance policies, including life, disability, and long-term care insurance. OneAmerica also offers its corporate clients group insurance, retirement plans and employee benefit plans. OneAmerica Financial Partners employs more than 2,300 people and generates approximately $1.9 billion in annual revenue.