HUB discloses data breach

HUB is providing notice of a recent data privacy event primarily related to its US operations.

On January 17, 2023, HUB detected unusual activity within specific segments of its network. It isolated the affected systems and initiated a detailed forensic investigation. The inquiry revealed that unauthorized access had occurred, with certain files being copied without permission between December 2022 and January 2023. After confirming the breach, HUB undertook a thorough assessment of the compromised data to ascertain its content and relevance. By July 27, 2023, HUB had completed its preliminary analysis and commenced the process of notifying the concerned parties.

While the investigation at HUB is still in progress, preliminary findings indicate that the compromised data pertains to both current and former employees, clients for whom HUB has facilitated insurance policies, as well as individuals associated with insurance carriers and employers serviced by HUB. The nature of exposed information differs for each individual, spanning details such as names, Social Security numbers, driver’s license and passport numbers, financial data, health insurance details, and specific medical records. Notably, a segment of the breached data also concerns a select group of Canadian individuals.

The company is actively communicating with its business partners impacted by this incident and ensuring notifications reach those who might be affected.