The Register reports that U.S. insurance and advisory services provider Hilb Group had 81,539 individuals' personal data compromised following a breach of employee email accounts earlier this year.
Aside from exfiltrating individuals' first and last names, threat actors were also able to steal financial account numbers and credit or debit card numbers, along with their security codes, passwords, and PINs, after infiltrating employee email inboxes from Dec. 1, 2022, to Jan. 12, 2023, said the Hilb Group in a notification sent to the Maine Attorney General's office.
Impacted email accounts were immediately secured following the discovery of the breach, with Hilb noting that additional protections have been adopted to prevent similar compromises in the future. While Hilb completed reviewing compromised email contents by the end of July, it sought to determine affected individuals before sending breach notification letters earlier last month. People whose data were impacted by the incident have been given free identity protection and credit monitoring services.
