After Ransomware Attack AJG US Reported Data Breach
US-based global insurance brokerage and risk management firm, Arthur J. Gallagher (AJG) has reported a cyberattack on the company’s infrastructure. The company has started mailing about the breach to its potentially impacted individuals. It is worth noting that earlier, in September 2020, the company made headlines for a ransomware attack that crippled its systems.
“Working with the cybersecurity and forensic specialists to determine what may have happened and what information may have been affected, we determined that an unknown party accessed or acquired data contained within certain segments of our network between June 3, 2020, and September 26, 2020,” AJG reported to the press.
As per the latest statistic, AJG stands as one of the largest insurance brokers in the world, it has more than 33,300 employees and the firm works in 49 countries remotely. Alongside, in Fortune 500 list, AJG ranked 429, and as per the information on its website this insurance company provides insurance-related services to more than 150 countries.
Regarding the breach, the company has not given technical details, it remains unclear whether customers’ or employees’ credentials were accessed or stolen. However, during the investigation, the company found that sensitive information stored on systems in various forms have been breached during the attack including usernames, passwords, social security number or tax identification number, date of birth, passport details, driver’s license, employee identification number, credit card information, medical records, electronic signature, claim, diagnosis, health insurance information, and biometric information.
Following the incident, the company has notified data regulatory authorities and all affected people (7,376 according to the information provided to the Office of Maine’s Attorney General) as per the law. Additionally, the company has recommended affected individuals keep an eye on their bank, credit cards for any fraud cases.
“While Gallagher is not aware of any attempted or actual misuse of the impacted information, Gallagher is providing access to credit monitoring services for twenty-four months through Kroll to individuals whose personal information was affected by this incident, at no cost to these individuals,” AJG added.