Canadian Security Magazine

Empire Life Insurance reports data breach

By Canadian Security   

News Data Security cyber security data breach notification

The Empire Life Insurance Co. recently announced that the company is responding to a data breach as the result of an email phishing incident on November 20, 2015.

The incident may affect a number of its customers. The company reports that an unauthorized source gained temporary access to 10 internal employee email accounts. Within minutes of the occurrence, Empire Life’s IT department had identified the affected email accounts and took steps to contain the incident. Empire Life is continuing its internal investigation to determine what information the perpetrator may have accessed.

To date, there is no evidence that personal customer information has been used inappropriately. However, it is possible that personal customer information in the affected email accounts may have been viewed by an unauthorized third party. The personal information that may have been viewed varies from case to case, but could include fund values, dates of birth, addresses, medical information related to applications and claims, and social insurance numbers.

“The security of our customers’ personal information is extremely important to us,” said Mark Sylvia, president and CEO of Empire Life. “Empire Life has taken a number of steps to enhance IT security, including implementing new technologies and enhancing internal awareness and education training programs designed to help employees recognize and prevent phishing attempts.”

Empire Life has launched a website to provide customers with information related to this incident. The Privacy Commissioner and Canadian Anti-Fraud Centre have both been notified.


The incident website is or

Print this page


Stories continue below