Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyber Insurance

251k Impacted by Data Breach at Insurance Firm Bay Bridge Administrators

Third-party administrator of insurance products Bay Bridge Administrators (BBA) is informing roughly 250,000 individuals that their personal information might have been compromised in a September 2022 data breach.

Third-party administrator of insurance products Bay Bridge Administrators (BBA) is informing roughly 250,000 individuals that their personal information might have been compromised in a September 2022 data breach.

On Tuesday, the Austin, Texas-based administrator of employee benefit plans announced that, on September 5, 2022, it fell victim to a cyberattack that caused a network disruption.

A subsequent investigation revealed that, around August 15, 2022, a threat actor gained unauthorized access to the Bay Bridge Administrators network and used that access to exfiltrate certain data on September 3.

On December 5, the firm determined that both personally identifiable information (PII) and protected health information (PHI) was exposed during the attack, and started identifying the impacted individuals. On December 29, the company started notifying the impacted individuals of the incident.

The compromised information includes names, addresses, birth dates, Social Security numbers, ID and driver’s license numbers, and medical and health insurance information.

“The personal and protected health information involved was shared with BBA either by the individual, the individual’s employer, and/or the individual’s insurance carrier(s), in connection with enrollment in an employment insurance benefit plan for calendar year 2022,” the company says.

BBA says it is not aware of any of the compromised data being misused, but it is not uncommon for stolen personal information to be traded on hacker marketplaces before being used for nefarious purposes.

On December 29, the company notified the Maine Attorney General’s office that more than 251,000 individuals were impacted by the incident.

Advertisement. Scroll to continue reading.

Related: Burger Chain Five Guys Discloses Data Breach Impacting Job Applicants

Related: DraftKings Data Breach Impacts Personal Information of 68,000 Customers

Related: LastPass Says Password Vault Data Stolen in Data Breach

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.

Register

People on the Move

Retired U.S. Army General and former NSA Director Paul M. Nakasone has joined the Board of Directors at OpenAI.

Jill Passalacqua has been appointed Chief Legal Officer at autonomous security solutions provider Horizon3.ai.

Cisco has appointed Sean Duca as CISO and Practice Leader for the APJC region.

More People On The Move

Expert Insights