Keenan and Associates suffered a cybersecurity incident in which 1.5 million users' personal details, such as Social Security numbers (SSNs), were exposed.
In a letter to affected individuals, the insurance brokerage stated that some personal information provided by customers was involved in a cybersecurity incident.
Keenan and Associates is one of the largest independent insurance brokerages in California.
The company claims to provide insurance and budgetary solutions to various sectors, including healthcare, education, and public organizations.
In the breach notice, the company disclosed that it accesses the personal information provided by its clients to perform certain operations.
The information accessed during the breach includes:
- Date of birth
- Social Security number
- Passport number
- Driver’s license number
- Health insurance information
- General health information
On August 27th, 2023, the insurance company identified disruptions in several network servers.
The company claims to have launched an investigation and employed third-party cybersecurity and forensic experts to oversee the investigation.
Once detected, Keenan and Associates took measures to “contain” the breach and inform law enforcement.
The investigation determined that an unauthorized third party had infiltrated Keenan’s internal systems and gained access for six days.
Adversaries obtained personal information inside the system between August 21st and August 27th, 2023.
In the notice, Keenan and Associates state that it is implementing additional security protocols to bolster its security posture.
More from Cybernews:
Subscribe to our newsletter