Ryan Specialty Group Reports It Suffered Cyber Breach in April

August 16, 2021

Newly public brokerage firm Ryan Specialty Group reported today on a data security incident that happened in April.

The firm said that on or about April 17, 2021, it became aware of “unusual activity” related to certain employee email accounts and began an investigation. On April 27, 2021, it determined that certain employee email accounts were accessed without authorization between April 4, 2021 and April 20, 2021.

The company then conducted a manual review of the emails to determine whether they contained sensitive information. This process, completed on June 30, 2021, showed that certain personal information for a limited number of individuals was accessible although not necessarily actually accessed or viewed by unauthorized individuals.

The information that was accessible included certain individuals’ names, driver’s license numbers, Social Security numbers, financial account information, passport numbers, medical information, health insurance information, government issued identification numbers, tax identification numbers, username/email and password, and dates of birth.

The company did not say if it was a ransomware attack.

Ryan Specialty said it is notifying potentially affected individuals and is offering complimentary credit monitoring and identity protection services for 24 months through Experian to those whose personal information was accessible in the email accounts at the time of the incident.

The announcement comes just weeks after Ryan Specialty Group made its debut as a public company. Shares of Ryan Specialty Group Holdings Inc. rose 9% in their New York Stock Exchange on July 23, resulting in a market capitalization of $6.5 billion for the insurance brokerage founded and led by industry veteran Patrick Ryan.

Ryan is not alone among insurance brokerages reporting data incidents. Broker Arthur J. Gallagher Gallagher last fall reported on a ransomware attack that occurred between June 3, 2020 and September 26, 2020. It took its global systems offline and launched an investigation that showed that personal information on individuals was accessed. The firm has been contacting affected individuals. The Illinois-based broker now faces a lawsuit alleging that it failed to protect personal information and adequately help individuals whose information was stolen.

Several insurers including AXA, CNA Insurance and title insurer First American Financial Corp. have previously reported data breaches.

Topics Cyber

Was this article valuable?

Here are more articles you may enjoy.