Data breach at US insurance firm may have exposed personal data of 7,400 people
One of the largest insurance brokerage and risk management companies in the Southeastern US, Sterling Seacrest Pritchard (SSP), has confirmed an email system breach impacting thousands of people.
-
US insurance firm Sterling Seacrest Pritchard suffered an email breach affecting 7,420 people between August 12-13, 2025.
-
Exposed data may include names and Social Security numbers, which can be used for identity theft, social engineering, or financial fraud.
-
The investigation took seven months to complete, concluding on March 19, 2026, though SSP says there's no evidence of fraudulent misuse.
The breach took place between August 12th, 2025, and August 13th, 2025.
The company detected unusual activity in its email system in August 2025 and secured its environment. It then worked to establish the scale of the attack and identify potentially affected information, with the process concluding on March 19th, 2026.
The investigation revealed that certain data may have been accessed or acquired without authorization. Although such data varies by individual, it may have included names and Social Security Numbers. Cybercriminals can use this information for social engineering attacks, identity theft, or financial fraud.
The breach affected 7,420 individuals, including 20 Maine residents, according to a filing with the Maine Attorney General’s office. SSP said it has no evidence of fraudulent misuse, or attempted misuse, of the affected information.
The company has set up a toll-free call center through Kroll, a global provider of risk and financial advisory solutions, to address incident-related questions.
Those individuals whose Social Security numbers or driver’s license information were accessed will receive twelve months of complimentary credit and identity protection services through Kroll. The services include Credit Monitoring, Fraud Consultation, and Identity Theft Restoration.
Check if your data has been leaked
SSP advises affected individuals to review their current and past credit and debit card account statements for unusual activity. If any unauthorized transactions have taken place, they should contact their bank immediately – and they can also contact Kroll. The company’s representatives will work on their behalf to help resolve issues related to the breach.
Additionally, those impacted will receive guidance on how to protect against identity theft and fraud, including placing fraud alerts or credit freezes, checking their credit reports, and watching for signs of identity theft. They are also encouraged to report any suspicious activity to authorities.
Unlock more exclusive Cybernews content on YouTube.
