Hackers Stole Personal Info of 150,000 People from an Insurance Broker in California

A Californian insurance company has reported a data breach affecting more than 1.5 million people, including personal details such as health insurance and Social Security Numbers.

Insurance companies and brokers are always on the list of hacker targets because they usually hold a lot of personal information about their customers, which can be used after a successful attack to blackmail the company.

Keenan & Associates notified Maine authorities of a security incident that occurred in August 2023 and said more than 150,000 persons were affected by the hack. As it turns out, attackers compromised the company’s systems and exfiltrated a lot of personal data pertaining to their clients.

“On Sunday, August 27, 2023, we discovered certain disruptions occurring on some Keenan network servers,” said the company in the notification to Maine authorities. “We immediately began an investigation and engaged leading third-party cybersecurity and forensic experts to assist. Upon detection, we took prompt action to contain it. Keenan also notified law enforcement.”

“The investigation determined that an unauthorized party gained access to certain Keenan internal systems at various times between approximately August 21, 2023 and August 27, 2023, and that the unauthorized party obtained some data from Keenan systems. A thorough review of that data was conducted to identify what information was involved and identify individuals to whom the data related,” the company added.

The stolen data includes the full name, date of birth, Social Security Number, passport number, driver’s license number, health insurance information, and general health information.

Following the security incident, the company implemented several security protocols that should offer more protection in the future. However, it remains unclear why they waited for six months before notifying the authorities.