Third-party administrator of insurance products Bay Bridge Administrators (BBA) is informing roughly 250,000 individuals that their personal information might have been compromised in a September 2022 data breach.
On Tuesday, the Austin, Texas-based administrator of employee benefit plans announced that, on September 5, 2022, it fell victim to a cyberattack that caused a network disruption.
A subsequent investigation revealed that, around August 15, 2022, a threat actor gained unauthorized access to the Bay Bridge Administrators network and used that access to exfiltrate certain data on September 3.
On December 5, the firm determined that both personally identifiable information (PII) and protected health information (PHI) was exposed during the attack, and started identifying the impacted individuals. On December 29, the company started notifying the impacted individuals of the incident.
The compromised information includes names, addresses, birth dates, Social Security numbers, ID and driver’s license numbers, and medical and health insurance information.
