Insurance Broker Keenan Says 1.5 Million Affected by Data Breach – Source: securityboulevard.com

Insurance broker Keenan and Associates is notifying more than 1.5 million people that their personal information may have been stolen during a cyberattack on its systems last summer.

According to a letter being sent to potential victims, the attackers hacked into the California-based company’s internal systems multiple times between August 21 and 27, gaining access to such data as names, dates of birth, Social Security, passport, and driver’s license numbers, and information about health insurance and general health.

Keenan executives warned that consumers whose data was compromised are now susceptible to identity theft and other fraud scams.

In a notice on its website, the company said that within hours of detecting the intrusion into its network servers, the threat was contained and the FBI was contacted.

Keenan, was founded in 1972 and has about 800 employees, negotiates insurance programs for schools, healthcare organizations, and public agencies. It accelerated its growth and gained a national reach in 2017 when it became part of AssuredPartners group of independent insurance brokers.

Schneider Electric Hit with Ransomware

The notification from Keenan – which says it is the 11^th largest broker in the United States – regarding the August 2023 attack came the same day that France-based multinational Schneider Electric revealed that its Sustainability Business division was hit by a ransomware attack January 17 and that an ongoing investigation indicates that data was accessed by the intruders.

The attack reportedly was the work of the Cactus ransomware group, which is said to have stolen terabytes of data and is extorting the company, threatening to publicly leak the data if the money isn’t paid.

Customers affected by the attack have been contacted, the company said, adding that the attack impacted its cloud-based Resource Advisor energy management software. The Cactus group has been active since March 2023.

Schneider executives noted that its Sustainability Business is an autonomous unit that operates on an isolated network infrastructure, so other entities within Schneider Electric were affected. They expect the impacted systems will be operational this week.

Financial Services Firms are Attractive Targets

The data breach of Keenan and Associates marks the latest cyberattack on a high-profile financial services organization. Fidelity National Financial reported earlier this month that hackers had stolen data, including Social Security numbers, from more than 1.3 million customers in a November 2023 attack that the notorious ransomware group BlackCat – also known as ALPHV – claimed responsibility for.

Mortgate lender loanDepot this month disclosed a ransomware attack that included the bad actors access systems and encrypting data, while another mortgage organization, Mr Cooper, that hackers stole the private information of almost 14.7 million people in a security breach in October 2023.

The financial services industry ranks up there with healthcare as among the most popular targets of threat groups, with cybersecurity firm Sophos last year finding that the number of ransomware attacks in the sector rose from 34% of organization in 2021 being victims to 64% last year, in large part due to the Cl0p ransomware group exploiting a vulnerability in Progress Software’s MOVEit file transfer tool starting in May 2023.

As of this week, cybersecurity company Emsisoft said that 2,741 companies have been victims of MOVEit-related attacks, which has affected more than 94.2 million. The Cl0p group accounted for 39% of ransomware incidents targeting the financial services sector, cybersecurity firm Trustwave wrote in a report last fall.

About 51% of companies in the sector that reported a data breach by Cl0p and other groups were from the United States, with India coming in second at 9%. In a statement, Trustwave CISO Kory Daniels stressed cybersecurity’s role in protecting customers and keeping their trust.

“For financial institutions, it isn’t just about protecting data, it’s about safeguarding the financial well-being and peace of mind of customers, partners, and investors,” Daniels said.

Keenan executives said the company is implementing additional security protocols to strengthen the security of its network, internal systems, and applications and will consider future actions. Keenan also is offering affected consumers a complimentary two-year membership in Experian’s IdentityWorks Credit 1B program, which is designed to detect the misuse of personal data and offers users identity protection services.