This notice is from United of Omaha Life Insurance Company (“United of Omaha”) about a recent security incident. This incident was limited to United of Omaha’s group insurance business, which provides various group insurance products to employers.

What happened

On April 23, 2024, United of Omaha detected unusual activity in one employee’s email account and observed access by an unauthorized party. The access was the result of a phishing campaign targeting United of Omaha employees. We immediately began an investigation and hired an outside forensic computer expert to determine the size and scope of the incident. The investigation determined that the unauthorized third party had access to the employee email account between April 21, 2024 and April 23, 2024. Following a thorough review of the email account, on June 28, 2024 United of Omaha discovered that the unauthorized party may have accessed sensitive information. The attack did not compromise the security of any other systems or networks and did not affect United of Omaha’s ability to conduct business.

What Information Was Involved

United of Omaha’s investigation confirmed that no information in the compromised account was emailed out of the account by the unauthorized party. However, the unauthorized party may have been able to view emails or attachments related to United of Omaha’s employer group insurance products. We cannot confirm exactly what data was accessed for each individual, but information that may have been accessed includes full name, demographic information (such as address and date of birth), driver’s license number, health insurance policy number, social security number, employment information, and limited health information.

What We Are Doing

Upon learning of the incident, United of Omaha took a number of steps to prevent similar incidents from occurring in the future including changing the employee’s Microsoft account passwords to prevent further access to the email account, hiring independent and industry-leading cybersecurity and data analysis experts to assist in the investigation, reporting the fraudulent domain associated with the attack, and re-training all employees on how to identify and report phishing campaigns.

What Individuals Can Do

United of Omaha is sending letters by U.S. mail to impacted individuals for whom the company has valid mailing addresses. The letters contain important information about steps individuals can take to help prevent identity theft and fraud. Eligible individuals are being provided free credit monitoring services. Instructions on how to enroll are included in the notification letters mailed to eligible individuals’ last known address. 

There are steps you can take to protect yourselves, including:

• Enroll in complimentary identity monitoring and identity protection services.
• Regularly monitor your insurance statements as well as bank statements, credit reports, and tax returns to check for unfamiliar activity. Again, we have no evidence information was exfiltrated, downloaded, or emailed out of the account by the unauthorized third-party, but we encourage everyone to be diligent.
• If you notice suspicious activity, immediately contact your financial institution or credit reporting agency.

You may have additional rights available to you depending on the state you live. Please see the “Consumer Reference Guide” below for additional information.

For More Information

United of Omaha has established a confidential, toll-free hotline that is staffed with professionals familiar with the incident who can assist with questions and steps to protect against identity theft and fraud. For additional information visit www.experianidworks.com/unitedofomaha. We sincerely regret any inconvenience or concern caused by this incident. The privacy and security of your information is of critical importance to us. If you would like more information, you can reach out to dedicated support staff:

• For employees/consumers: To obtain more information or to enroll in complimentary Experian Credit and Identity Monitoring Services if you feel you may have been impacted, visit www.experianidworks.com/unitedofomaha.   
  
• For employers: 1-855-577-8091

As a precautionary measure, consumers may wish to regularly review account statements and periodically obtain credit reports from one or more of the national credit reporting companies. Consumers may obtain a free copy of credit reports online at www.annualcreditreport.com, by calling toll-free 1-877-322-8228, or by mailing an Annual Credit Report Request Form (available at www.annualcreditreport.com) to: Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA, 30348-5281.  Consumers may also purchase copies of credit reports by contacting one or more of the three national credit reporting agencies using the contact information listed below. 

Consumers may wish to review credit reports carefully and look for accounts or creditor inquiries that are not initiated or recognized by consumer.  If anything is seen that is not understandable, including inaccuracies in home address or Social Security number, consumers should call the credit reporting agency at the telephone number on the report. 

Consumers should remain vigilant for incidents of fraud and credit activity with respect to reviewing account statements and credit reports, and promptly report any suspicious activity or suspected identity theft to the proper authorities, including local law enforcement, the state’s attorney general and/or the Federal Trade Commission (“FTC”).  The FTC or a state’s regulatory authority may be contacted to obtain additional information about avoiding identity theft using the contact information listed below.

The next paragraph is regarding incidents involving personal health information.  Disregard if not applicable to your situation.   

Consumers may wish to regularly review explanation of benefits statements received from insurers.  If medical services appearing were not received or are not receiving your benefit statements, contact the insurer at the number on the statement. Check your credit reports for any medical bills not recognized and report anything suspicious to the credit reporting agency at the phone number on the report. 

Fraud Alerts: There are also two types of fraud alerts that can be placed on credit reports to put creditors on notice that a consumer may be a victim of fraud: an initial alert and an extended alert.  Consumers may ask that an initial fraud alert be placed on their credit report if they suspect they have been, or are about to be, a victim of identity theft.  An initial fraud alert stays on credit reports for at least one year.  An extended alert may be placed on credit reports if consumers have already been a victim of identity theft, with the appropriate documentary proof, and stays on credit reports for seven years.  Consumers may place a fraud alert on their credit reports by contacting the toll-free fraud number of any of the three national credit reporting agencies listed below. 

Credit Freezes: Consumers have the right to place a credit freeze or security freeze (referred to as “credit freeze”) on their consumer reports.  A credit freeze is designed to prevent credit, loans and services from being approved in a consumer’s name without the consumer’s consent.  Using a credit freeze, however, may delay ability to obtain credit.  Consumers may request that a freeze be placed on credit reports by sending a request to a credit reporting agency on-line or by certified mail, overnight mail or regular stamped mail to the three national reporting agencies listed below.  Pursuant to federal law, you cannot be charged to place or lift a credit freeze on your credit report.  

Unlike a fraud alert, a credit freeze must be separately placed on a consumer’s credit file at each credit reporting company. More information can be obtained about fraud alerts and credit freezes by contacting the FTC or one of the national credit reporting agencies listed below.

Reference Numbers: 

Consumers may also purchase a copy of their credit report by contacting one or more of the three national credit reporting agencies listed below: 

Consumers can place a fraud alert on their credit report by contacting any of the three national credit reporting agencies listed below. 

You can place a credit freeze on your credit report by contacting any of the three national credit reporting agencies listed below.  

Federal Trade Commission: Consumers may also obtain information about preventing and avoiding identity theft from the Consumer Response Center, 600 Pennsylvania Avenue, NW, Washington, DC 20580, 1-877-IDTHEFT (438-4338), www.ftc.gov/idtheft.