Huggins Insurance has issued a release warning its clients that it has detected a data security incident which may have left personal information exposed.
The Salem, OR-based insurance broker said that, in January this year, it discovered a possible data breach pertaining to certain participants of insurance plans where the company served as a broker. The incident involved an email account for a Huggins employee.
Huggins stated that it immediately acted to secure all employee email accounts and launched an investigation into the matter. The broker also approached an independent digital forensics team to find out what happened and if any personal information had been accessed or acquired without authorization.
Later, the forensic team notified Huggins that a second email account had been accessed without authorization. On April 03, 2019, the investigation determined that the affected email accounts held personal information for clients who may have purchased insurance via Huggins, or on whose behalf their employer purchased insurance through Huggins.
A release from the broker said that the personal information potentially involved in the leak included names, addresses, Social Security numbers, health insurance information, and medical treatment information.
“Huggins takes the security of all information within its control very seriously, and has taken steps to prevent a similar event from occurring in the future,” the broker said in a statement, adding that it has no evidence that any of the information potentially affected by the breach had been misused.
The broker has since sent notification letters to potentially impacted individuals.