Centerstone Insurance and Financial Services, which does business as BenefitMall, has announced that it has experienced a data breach that may have exposed the personal information of some of its customers.
BenefitMall said that on October 11, it became aware of an email phishing attack that exposed employee email login credentials.
Emails in the affected mailboxes may have included customers’ names, addresses, Social Security numbers, dates of birth, bank account numbers, and information on the payment of insurance premiums. The company said that based on its current review, it does not appear that any customer information has been used inappropriately so far.
“BenefitMall takes the privacy and security of personal information very seriously,” the company said in a news release. “Once BenefitMall learned of this issue, the company immediately initiated an internal review. The company also retained a top computer forensics firm to help conduct a thorough investigation of the incident and remediate BenefitMall’s systems. BenefitMall has also reported the incident to law enforcement and will continue to work closely with them during their review.”
The company said that it has implemented additional security measures to help prevent future attacks.