California-based insurance brokerage and consulting firm, Keenan & Associates, has been thrust into the spotlight after revealing a data breach affecting a staggering 1.5 million customers.
As a prominent company in the education, healthcare, and public agencies sectors, Keenan is now grappling with the aftermath of a cyberattack that exposed sensitive personal information.
Discovery of the Breach
The breach, discovered on August 27, 2023, prompted Keenan & Associates to take swift action. Upon detecting disruptions on specific network servers, the company initiated an immediate investigation, enlisting the expertise of leading third-party cybersecurity and forensic professionals.
Related Article: Cisco Talos Claims Ransomware Is 2024's Biggest Security Threat-Schools Now on Target List
Extent of the Compromise
Disturbingly, the data breach has compromised a myriad of personal details, varying based on individuals' connections with the firm. The exposed information includes full names, dates of birth, Social Security numbers (SSNs), passport numbers, driver's license numbers, health insurance details, and general health information.
"The investigation determined that an unauthorized party gained access to certain Keenan internal systems at various times between approximately August 21, 2023, and August 27, 2023, and that the unauthorized party obtained some data from Keenan systems," the company said.
Both customers and employees appear to be impacted, heightening concerns about identity theft, financial fraud, phishing attacks, and health insurance fraud, according to Bleeping Computer's investigation.
Mitigation Efforts by Keenan
Keenan & Associates is actively improving its security measures in response to the breach. The company is intensifying security protocols across its network, internal systems, and applications. Additionally, the company is contemplating additional steps to bolster its overall cybersecurity framework.
Protective Measures for Affected Individuals
Individuals receiving breach notifications are strongly advised to leverage the complimentary two-year identity theft protection service provided by Experian. Remaining vigilant for any signs of suspicious account activities or unsolicited communications is crucial in mitigating potential risks associated with the exposed information.
In the wake of this significant data breach, Keenan & Associates is navigating the aftermath diligently, prioritizing the security and well-being of the 1.5 million affected customers.
In other news, notorious ransomware gang Akira had reportedly attacked the Finland-based Tietoevry Oyj data center which is providing computer systems to Sweden.
In our previous report, we wrote that the cyberattack might stay for quite a long time. Authorities believed that it would take weeks for the affected government agencies in Sweden to recover from the attack. Since the incident, 178 reports of personal data breaches have been recorded.
The same group of cybercriminals attacked Lush, a popular cosmetics firm in the UK. The cybersecurity incident, as described by the investigators, had affected more than 900 stores globally.