2023-10-26 REINSURANCE GROUP OF AMERICA INC Cybersecurity Incident

Page last updated on April 11, 2024

REINSURANCE GROUP OF AMERICA INC initially disclosed a cybersecurity incident in an SEC 8-K filing on 2023-10-26 16:03:00 EDT.

Incident Details

Material: Unknown
Is Breach: Unknown
Records Compromised: Unknown
Data Types Impacted: No Data Types Tracked (yet)

Compromised Date: 2023-10-15
Detected Date: 2023-10-16
Disclosure Date: 2023-10-26
Contained Date:
Recovered Date:

Attack Goal: Unknown

Costs: No Costs Tracked (yet)

Filings

8-K filed on 2023-10-26

REINSURANCE GROUP OF AMERICA INC filed an 8-K at 2023-10-26 16:03:00 EDT
Accession Number: 0001193125-23-264063

Item 8.01 Other Events.

On October 16, 2023, Reinsurance Group of America, Incorporated (the “Company”) determined that the Company had experienced a cybersecurity incident in which an unauthorized third party gained access to certain technology systems of the Company. The Company currently believes that this unauthorized third party gained such access on October 15, 2023. Following detection of the incident, the Company initiated response protocols, including deploying a number of containment measures such as taking certain systems offline as a precautionary measure. Additionally, following such detection, the Company launched an investigation, which remains ongoing, engaged the services of cybersecurity and forensics experts and advisors, and notified certain insurance regulatory authorities and law enforcement authorities.

Based on the Company’s investigation to date, the Company does not believe that any client policy holder data was accessed or extracted. The Company has also identified no evidence to date of encryption or ransomware. The Company has been working to bring its systems back online and resume normal operations, and the functionality of most of the Company’s online systems was restored earlier this week.

Additionally, the Company has been in communication with clients about the incident and its restoration progress. The Company will ensure that any appropriate notification is provided to individuals affected by this incident.

We have incurred, and expect to continue to incur, certain incremental expenses related to this incident, including expenses to respond to, remediate and investigate this incident. While the Company’s investigation is ongoing, based on information currently known, the Company does not believe this incident will have a material adverse effect on its business, operations or financial results.

The Company maintains insurance, including cybersecurity insurance, which the Company believes is commensurate with its size and the nature of its operations.

Company Information