Hi, what are you looking for?
Third-party administrator of insurance products Bay Bridge Administrators (BBA) is informing roughly 250,000 individuals that their personal information might have been compromised in a September 2022 data breach.
By
Flipboard
Reddit
Pinterest
Whatsapp
Whatsapp
Email
Third-party administrator of insurance products Bay Bridge Administrators (BBA) is informing roughly 250,000 individuals that their personal information might have been compromised in a September 2022 data breach.
On Tuesday, the Austin, Texas-based administrator of employee benefit plans announced that, on September 5, 2022, it fell victim to a cyberattack that caused a network disruption.
A subsequent investigation revealed that, around August 15, 2022, a threat actor gained unauthorized access to the Bay Bridge Administrators network and used that access to exfiltrate certain data on September 3.
On December 5, the firm determined that both personally identifiable information (PII) and protected health information (PHI) was exposed during the attack, and started identifying the impacted individuals. On December 29, the company started notifying the impacted individuals of the incident.
The compromised information includes names, addresses, birth dates, Social Security numbers, ID and driver’s license numbers, and medical and health insurance information.
“The personal and protected health information involved was shared with BBA either by the individual, the individual’s employer, and/or the individual’s insurance carrier(s), in connection with enrollment in an employment insurance benefit plan for calendar year 2022,” the company says.
BBA says it is not aware of any of the compromised data being misused, but it is not uncommon for stolen personal information to be traded on hacker marketplaces before being used for nefarious purposes.
On December 29, the company notified the Maine Attorney General’s office that more than 251,000 individuals were impacted by the incident.
Related: Burger Chain Five Guys Discloses Data Breach Impacting Job Applicants
Related: DraftKings Data Breach Impacts Personal Information of 68,000 Customers
Related: LastPass Says Password Vault Data Stolen in Data Breach
Ionut Arghire is an international correspondent for SecurityWeek.
Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
While there are many routes to application security, bundles that allow security teams to quickly and easily secure applications and affect security posture in a self-service manner are becoming increasingly popular.
Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies.
No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.
Our networks have become atomized which, for starters, means they’re highly dispersed. Not just in terms of the infrastructure – legacy, on-premises, hybrid, multi-cloud, and edge.
How threat intelligence is critical when justifying budget for GRC personnel, and for threat intelligence, incident response, security operations and CISO buyers.
Flipboard
Reddit
Pinterest
Whatsapp
Whatsapp
Email
Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.
The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.
The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.
No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.
A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of…
A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the…
The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool…
The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.
Got a confidential news tip? We want to hear from you.
Reach a large audience of enterprise cybersecurity professionals
Subscribe to the SecurityWeek Daily Briefing and get the latest content delivered to your inbox.
Copyright © 2023 Wired Business Media. All Rights Reserved.
Leave a Reply