On January 3, 2024, CRB Group experienced a network disruption that led to a data breach affecting its systems. The breach was reported to the Attorney General of Massachusetts, revealing that sensitive personal identifiable information might have been accessed by an unauthorized party between December 25, 2023, and January 3, 2024. CRB launched an investigation to assess the extent of the breach and the nature of the compromised information.
The investigation uncovered that personal information within CRB’s systems was potentially exposed. The specific types of information affected were not detailed publicly, but personal information typically includes names, Social Security numbers, government identification numbers, and financial account details. The review aimed to identify which individuals were impacted and what specific data was compromised.
On August 21, 2024, CRB began mailing data breach notification letters to those affected. The letters provided details about the specific types of sensitive information that might have been exposed and offered complimentary credit monitoring services to help mitigate the impact of the breach. A form of the breach notification letter was filed with the Attorney General of New Hampshire.
CRB’s response to the breach includes a comprehensive review and notification process to inform affected individuals and offer support through credit monitoring services. The company is working to address the security issues and prevent future incidents, emphasizing transparency and assistance for those impacted by the breach.
Reference:
