Globe Life Inc. (the "Company") recently received communications from an unknown threat actor seeking to extort money from the Company in exchange for not disclosing certain information held and used by the Company and its independent agents. After becoming aware of this, the Company immediately activated its incident response plan and, with the assistance of experienced counsel and external cybersecurity experts, launched an investigation. The Company has reported this extortion attempt to and is cooperating with federal law enforcement.

Based on the Company's investigation to date, which remains ongoing, the Company believes that information relayed to the Company by the threat actor may relate to certain customers and customer leads that can be traced to the Company's subsidiary, American Income Life Insurance Company. This information includes certain personally identifiable information categories such as names, email addresses, phone numbers, postal addresses, and in some instances Social Security numbers, health-related data, and other policy information for approximately 5,000 individuals; however, the total number of potentially impacted persons or the full scope of information possessed by the threat actor has not been fully verified. This information does not appear to contain personally identifiable financial information such as credit card data or banking information. Most recently, the threat actor also shared information about a limited number of individuals to short sellers and plaintiffs' attorneys. The threat actor claims to possess additional categories of information, which claims remain under investigation and have not been verified.

To date, the extortion attempts have not involved the use of ransomware or resulted in an interruption to the Company's systems, services, or business operations. The Company will notify individuals affected by this incident, take steps as needed to protect and remediate the impact for them, and continue to communicate with regulatory authorities. As of the date of this filing, the Company believes this incident has not materially impacted its operations and does not expect this incident is reasonably likely to have a material impact on the Company, including its financial condition or results of operations.