Huggins Insurance (“Huggins”), an insurance broker located in Salem, Oregon, recently learned of a data security incident that may have involved personal information pertaining to certain participants of insurance plans for which Huggins acts as a broker. Huggins has mailed notification letters to the potentially impacted individuals to notify them of the incident and to provide resources to assist them.
In January of 2019, Huggins detected a possible data security incident involving the email account for a Huggins employee. Upon learning of this possible incident, Huggins immediately took steps to secure all employee email accounts and began an investigation. In doing so, Huggins engaged an independent digital forensics firm to determine what happened and whether personal information had been accessed or acquired without authorization. The forensic firm later informed Huggins that a second email account had been accessed without authorization. On April 3, 2019, the investigation determined that the impacted email accounts contained personal information for individuals who may have purchased insurance through Huggins, or on whose behalf their employers may have purchased insurance through Huggins. The personal information potentially involved may have included names, addresses, Social Security numbers, health insurance information, and medical treatment information.
Huggins takes the security of all information within its control very seriously, and has taken steps to prevent a similar event from occurring in the future. Huggins has no evidence that any of the information potentially impacted in connection with this matter has been misused.
The notification letters being mailed to potentially impacted individuals include information about the incident and steps that potentially impacted individuals can take to monitor and protect their personal information. Huggins has established a toll-free call center to answer questions about the incident and to address related concerns. The call center is available 5:00 a.m. through 5:00 p.m., Pacific Time, Monday through Friday and can be reached at 1-800-254-7328. Any person who believes they may have been affected by the incident can protect themselves by placing a fraud alert or a security freeze on their credit files. Any person concerned about identity theft may report suspected theft to their state attorney general, local law enforcement, or the Federal Trade Commission.
The privacy and protection of sensitive information is a top priority for Huggins. Huggins deeply regrets any inconvenience or concern this incident may cause.