Heimdal
article featured image

Contents:

On May 12th, student health insurance carrier guard.me detected dubious activity on their website that led them to remove their web page.

According to them, a flaw enabled a cybercriminal to obtain students’ private data such as email addresses, dates of birth, phone numbers, and even passwords.

Guard.me International Insurance is among the world’s largest health and travel insurance providers in international education, protecting over 100,000 individuals studying and working abroad, including full- and part-time students, faculty members, and participants in the exchange, co-op, and internship programs.

At the moment, their website is unavailable, visitors being automated sent to a maintenance page notifying that the site is inoperative as the Guard.me health insurance career improves security on the website.

Source

Yesterday, the insurance provider started to inform its students of the data breach via email saying that a website flaw permitted unapproved threat actors to gain access to their private data.

In the late evening of May 12, 2021, our Information Systems team discovered unusual activity on our website and as a precaution, they immediately took down the website and took immediate steps to secure our systems. The vulnerability has been addressed.  Our experts are diligently investigating the matter further.

Source

A data breach is a security violation in which sensitive, protected, or confidential data is copied, transmitted, viewed, stolen, or used by an individual unauthorized to do so.

Data breaches may involve financial information such as credit card or bank details, personal health information (PHI), Personally identifiable information (PII), trade secrets of corporations, or intellectual property. Most data breaches involve overexposed and vulnerable unstructured data – files, documents, and sensitive information.

As stated by the international student health insurance provider, the flaw was fixed and measures to secure their system have been immediately taken.

Guard.me also declares that they are initiating new policies for stronger protection such as two-factor authentication and database segmentation.

Author Profile

Antonia Din

PR & Video Content Manager

linkedin icon

As a Senior Content Writer and Video Content Creator specializing in cybersecurity, I leverage digital media to unravel and clarify complex cybersecurity concepts and emerging trends. With my extensive knowledge in the field, I create content that engages a diverse audience, from cybersecurity novices to experienced experts. My approach is to create a nexus of understanding, taking technical security topics and transforming them into accessible, relatable knowledge for anyone interested in strengthening their security posture.

Leave a Reply

Your email address will not be published. Required fields are marked *

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE