Ameritas revealed to some of its customers that their personal information may have been exposed in a data breach, the Lincoln Journal Star reported.
In a letter dated July 23, Ameritas said a few of its employees became victims of phishing scams in May and early June. The phishing scams tricked the employees into giving their email credentials, according to the report. Following the discovery of the breach, the company reportedly immediately disabled unauthorized access and deployed a mandatory enterprise-wide password reset.
The information that may have been exposed includes the customers' names, addresses, email addresses, Social Security numbers and policy numbers.
The notification about the data breach was delayed because Ameritas had to accurately identify the affected customers and ensure that contact information was collected in a consistent format for notification purposes, the Lincoln Journal Star reported, citing a spokeswoman.
The company has hired a risk-consulting firm to look into the incident.