Fidelity Investments Life: A Sticky Situation
Imagine you’re settling in for the evening, hot cup of tea on the table, dog at your feet, when you receive a jarring email – your sensitive data has been compromised in a massive data breach. Well, the nightmare just turned real for thousands of Fidelity Investments Life Insurance Company customers. Not exactly a pleasant nightcap, eh?
Let’s understand it a bit. Infosys McCamish Systems, an IT support company for numerous life insurers, was dancing with the LockBit ransomware group. And guess what? McCamish had records for 28,268 Fidelity Investments Life policyholders up for grabs when this uninvited digital tango happened. Brian Leary, Fidelity Investments’ chief compliance officer, broke this unfortunate news to officials in Maine and California this past Friday.
“No Mutual Fund” Dance-Hall for Ransomware
If you’re clutching at your mutual funds, relax. This ransomware attack sidestepped the mutual fund business of the parent company, Fidelity Investments. Think of it as dancing at one end of the floor but not crossing over to the other side. However, this lack of ‘interaction’ offers little solace to the affected life insurance holders.
Dealing with the Morning-After Blues
In an attempt to mitigate the fallout of this hack, affected policyholders will get some “cyber aspirins” in the form of 24 months of free credit morning monitoring and identity theft response services. Good news! But just like regaining trust after a dance partner steps on your toes, it’s going to take a while to heal.
Behind the Curtains: McCamish and Fidelity System
A little about the dramatis personae in our story. Infosys McCamish Systems, the victim of the cyberattack, is part of the Bangalore-based outsourcing company Infosys Ltd, with a workforce of around 300,000. McCamish, headquartered in Atlanta, flaunted $34 million in profits in 2022 on $462 million in revenue.
McCamish is still spinning in the cyber storm, and as Fidelity orated, they are “unable to determine with certainty what personal information was accessed.” However, the likelihood is high that your data consisting of your name, Social Security number, state of residence, bank account and routing number, and date of birth were snagged by the third-party miscreants.
Fidelity Investments Life, ensnared through McCamish, came to shine under Fidelity Investments’ banner via its acquisition in 1986. Following a name change and a shift from Pennsylvania to Utah, the subsidiary reported $102 million in net income in 2022 on $1.7 billion in revenue and $36 billion in assets.
And Cut! The Aftermath
This ordeal is just another tenuous thread in the tapestry of cyber threats that looms over our technological society. Fidelity previously disclosed in registration statements that cyberattacks on vendors could muck up its operations and funds. How’s that for foreshadowing?
Hopefully, you’ve been spared the aftershocks of this event. If you’re one of the lucky ones, keep in mind the saying, “It’s better to be safe than sorry.” Try not to give too much personal information while dancing on the cyber floor. After all, who knows when you might become somebody’s next dance partner?