Posted On May 18, 2023 Consumer Privacy & Data Breaches
May 18 – Conner Strong & Buckelew notified the Vermont Attorney General of a data breach on May 10, 2023, after finding that a third party had gained access to sensitive consumer information by hacking the email accounts of multiple employees. CBS may have reported the current data breach, but the company has not said what information was compromised. CSB started mailing data breach notification letters to everyone who was affected after it was confirmed that confidential data was compromised.
The letters sent to each individual will specify what information was accessed.
Data breach lawyers at Console & Associates, P.C. are now investigating the CSB security incident. Since the Conner Strong & Buckelew data breach was a third-party breach, it can be expected that you may never have heard of the company. It does not mean, however, that it does not have your information. It just means that the company obtained your information from a different source. This means you need to know exactly what’s at stake and how to protect yourself. We are offering free consultations to any victim of the breach that wants to learn more about how to protect themselves and what legal options are available for receiving financial compensation from CSB.
Dover, DE; New York, NY; Toms River, NJ; Camden, NJ; Boston, MA; Philadelphia, PA; Palm Beach, FL; and Parsippany, NY are just a few of the locations of Conner Strong & Buckelew, a risk management, insurance broker, and employee benefits consulting and brokerage firm headquartered in Camden, New Jersey. Buckelew was founded by Conner Strong in 1959 and has since grown to employ over 500 people and produce yearly sales of over $408 million.
In a recent filing with the Vermont Attorney General, CSB said that it had discovered suspicious behavior in multiple staff email accounts. As a result, CSB took the necessary precautions to protect the impacted accounts and began an investigation with the aid of outside data security experts.
The CSB review found that between February 7 and March 30, 2022, an unauthorized entity hacked into a number of staff email accounts. Some of the emails and attachments inside the compromised accounts may have included sensitive consumer information.
After learning that confidential information had fallen into the wrong hands, Conner Strong & Buckelew launched a thorough investigation of the compromised files to ascertain what data had been exposed and who had been affected.
Data breach letters were sent out by Conner Strong & Buckelew on May 10, 2023, to everyone whose data was exposed.
If you get a communication from CSB about a data breach, it’s probable that your personal information was compromised. You should assume that a hacker has gained access to your private data. Consumers likely felt safe entrusting their information with Conner Strong & Buckelew. In light of this data mishap, CSB’s preparation and proactiveness with respect to security standards are brought into question. CSB was a target, but it was also an important line of defense for consumers’ personal information. If evidence of CSB’s negligence in its security procedures, such as the use of outdated technology, becomes public, you may be entitled to monetary compensation from the firm.
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the Conner Strong & Buckelew data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
Below is a portion of the letter sent to affected individuals:
Conner Strong & Buckelew (“CSB”) is writing to inform you of a recent incident that may impact the security of some of your information. CSB received your information as part of the normal course of business providing insurance and brokerage consulting services to [Redacted]. While we are unaware of any actual or attempted misuse of your information, we are providing you with information about the incident, our response, and steps you may take to better protect against the possibility of identity theft or fraud, should you feel it necessary to do so.
What Happened? CSB discovered suspicious activity related to certain CSB employee email accounts. Upon discovering this activity, we immediately took steps to secure the accounts and launched an investigation with the assistance of third-party forensic investigators to determine the nature and scope of the event. The investigation determined that email accounts belonging to certain CSB employees were subject to unauthorized access on separate occasions between February 7, 2022 and March 30, 2022. As a result, the unauthorized actor may have had access to certain emails and attachments within these accounts.
What Information Was Involved? The investigation was unable to identify all emails or attachments in the accounts that the unauthorized individual may have accessed or acquired. Therefore, out of an abundance of caution, we conducted a review of the entire contents of the email accounts for emails or attachments that contain personal information and CSB notified [Redacted] of this incident. This review was recently completed and we are notifying you of this incident because the investigation confirmed that your information was present at the time of the incident. The impacted information that is related to you includes your [Redacted]. To date, CSB is not aware of any actual or attempted misuse of your information.
What We Are Doing. The confidentiality, privacy, and security of information in our care is one of our highest priorities and we take this incident very seriously. When we discovered this incident, we immediately reset the impacted email account passwords and took steps to determine what information was in the impacted accounts and to which CSB clients the information belonged. We further confirmed the security of our employee email accounts and related systems and are reviewing and strengthening our existing policies, procedures, and safeguards related to cybersecurity. We have also notified appropriate state and federal regulators.
What You Can Do. We encourage you to remain vigilant against incidents of identity theft and fraud by reviewing your account statements and monitoring your free credit reports for suspicious activity and to detect errors. Please also review the information contained in the enclosed Steps You Can Take to Help Protect Your Information.
For More Information. We understand that you may have questions about this incident that are not addressed in this letter. If you have additional questions, please call our dedicated assistance line at (866) 347-9961, Monday through Friday from 8:00 a.m. to 5:30 p.m. Central Time, excluding some major U.S. holidays. We sincerely regret any inconvenience or concern this incident has caused.