HQ/EMEAFind out how we can help your business
A recent Hilb Group data breach incident could potentially affect more than 81,000 individuals since the attackers could have compromised their sensitive information.
The affected company provides property, casualty, and employee benefits insurance and advisory services across 22 US states through over 130 locations. This firm recently revealed that criminals obtained unauthorised access to the work email accounts of its employees after suspecting that these cybercriminals may have acquired significant amounts of personal data.
Further impact of the incident concerns the company’s clients since they have yet to reveal the true extent of the situation. In addition, Hilb Group has yet to respond to any inquiries about the attack or how the threat actors accessed such sensitive information.
A recent notification about the Hilb Group data breach has confirmed some of the affected customers’ details.
According to a notification sent to the Maine Attorney General’s office, the Hilb Group data breach operators obtained the clients’ first and last names, sensitive financial information, and credentials.
These details also include financial Account Number or Credit/Debit Card Number. Unfortunately, the more threatening detail of the hack is that the actors could have acquired information about the combination with the security code, access code, password, or PIN for the account. However, the notification letter to affected parties mentioned that the stolen data only included names and Social Security numbers.
This incident could taint the organisation’s reputation since they are known for helping its customers manage and mitigate risks. Hilb Group first noticed the suspicious activity in their employee email accounts around January.
After employing a third-party incident response team, the insurance brokerage admitted that the breach had occurred between December 2022 and January 2023, several months before its discovery.
Hilb Group subsequently conducted a comprehensive review of the email accounts’ contents to identify the types of information accessed and the affected individuals. The review concluded on July 28, and they notified the 81,539 potentially affected individuals last month.
Upon discovering the intrusion, Hilb Group took immediate action to secure the compromised email accounts, launched a thorough investigation, and implemented additional technical safeguards to enhance data security and prevent similar incidents from occurring in the future.
Potentially affected individuals should do the same by being vigilant to prevent threat actors from using the stolen credentials for their other campaigns.
