Keenan & Associates Data Breach Affects 1.5 Million

In a significant cybersecurity incident, Keenan & Associates, a subsidiary of AssuredPartners Inc., has reported a data breach impacting approximately 1.5 million individuals. The breach, which was discovered on August 27, 2023, involved unauthorized access to the company's internal systems between August 21 and August 27, 2023.

According to BleepingComputer, the compromised data includes sensitive personal information such as full names, dates of birth, Social Security numbers, passport numbers, driver's license numbers, health insurance information, and general health information. The breach notification submitted to the Maine Attorney General's Office also highlights the extensive nature of the data breach, stating that 1,509,616 individuals were affected.

In a notice to the affected individuals, Keenan & Associates stated that it took prompt action to contain the breach once it was detected and reached out to law enforcement. Keenan reported that an “unauthorized party gained access to certain Keenan internal systems at various times between approximately August 21, 2023, and August 27, 2023” and the threat actors obtained some data from Keenan systems.

Keenan & Associates, known for its services in the insurance brokerage and consulting sector, particularly in education, healthcare, and public agencies, took immediate action within hours of its discovery and has since been working to enhance the security of its network and internal systems. There is currently no evidence to suggest that the affected personal information has been misused.

Additionally, Keenan & Associates is offering two years of complimentary identity theft protection services through Experian to all affected clients and individuals.

This incident serves as a stark reminder of the persistent threats in the digital landscape and the importance of robust cybersecurity measures. Those affected by the breach are advised to monitor their accounts closely and to report anything suspicious.