Sentinel Security Life Insurance Co. and Atlantic Coast Life Insurance Co. reported a cyber incident that may have exposed personally identifiable information (PII) of policyholders, beneficiaries and other individuals connected to the companies.
The unauthorized access occured between April 7 and April 15, 2025, and the carriers completed a review of potentially affected files on Dec. 17, according to a report from Best Wire.
The breached data may include names, Social Security numbers, individual taxpayer identification numbers, financial account information, dates of birth, medical records and health insurance details. Individuals potentially affected include present or former policyholders, certificate holders, beneficiaries and others who interacted with the companies. Sentinel Security Life and Atlantic Coast Life stated that they are unaware of any misuse of the compromised information.
In response, the insurers are reviewing internal policies, procedures, and processes for storing and accessing personal information to reduce the likelihood of future breaches. According to the report, these measures are critical for maintaining trust with policyholders and meeting regulatory obligations regarding data security and privacy.
The announcement follows a broader context of financial and regulatory scrutiny for Sentinel Security Life. In June 2025, a Utah judge dismissed a petition filed by state regulators seeking to place Sentinel Security Life and two reinsurers owned by Advanced Capital Management LLC into court-ordered rehabilitation. Regulators had cited a history of self-dealing, conflicts of interest, and concentrated investments in 777 Partners LLC, which they argued undermined the companies’ risk-based capital ratios. Separately, 777 Partners co-founder Joshua Wander was charged in a $500 million fraud scheme targeting private lenders and investors.
Sentinel Security Life and Atlantic Coast Life’s underwriting entities currently hold a Best’s Financial Strength Rating of B++ (Good), with the rating under review and negative implications cited, according to the report.
For insurers and policyholders, the breach highlights the growing cyber risk exposure in the life and health insurance sector.
Cyber incidents can directly affect claims administration, underwriting, and regulatory compliance, particularly when sensitive personal and medical data is involved. Insurers may face increased costs for credit monitoring, regulatory reporting, and cybersecurity enhancements, while also needing to maintain consumer confidence.
Recent breaches at other carriers have prompted greater regulatory attention to insurer cybersecurity frameworks, including expectations for risk assessments, vendor management, and incident response protocols.
