Risk Strategies Data Breach Exposes Social Security Numbers and Medical Information
Risk Strategies (RSC Insurance Brokerage Inc.) disclosed a data breach involving sensitive personal and medical information. All affected individuals had their names and Social Security numbers exposed, and for some, medical information, medical records, and health, dental, or vision insurance details were also compromised. 47 Massachusetts residents were identified as affected.
Signal context
First seen: Jun 23, 2026
Last updated: Jun 26, 2026
Status: Public signal
Key points
- Data breach involved sensitive personal and medical information.
- Names and Social Security numbers were exposed for all affected individuals.
- Medical information, records, and insurance details were also compromised for some.
Signal analysis
BetaThis analysis groups the signal by industry, likely incident action and impacted security area. It helps compare this signal with other published signals without treating the labels as final determinations.
Sector: Finance and Insurance
Likely country: Location not provided
Watch internet-facing systems, credential abuse and exploit activity.
- Source type: outside the affected organization
Impact area: Confidentiality
Likely asset: User or customer data
- 19 signals in the same sector
- 93 signals with the same likely impact area
- 1 signal linked to this organization/domain
External sources
Risk Strategies Data Breach Exposes Social Security Numbers - Claim Depothttps://www.claimdepot.com/data-breach/risk-strategies-2026Public source from claimdepot.com.
Cybercrime News For Jun. 22, 2026. Texans Hit by Cyberattack Tied To Licenses. WCYB Digital Radio. - YouTubehttps://www.youtube.com/watch?v=AcuBF8yJACgPublic source from youtube.com.
Related signals
Grouped by why the signal is relevant.
Saderat Bank Affected by Cyberattacks in Iran
Saderat Bank was among three major Iranian banks affected by a wave of cyberattacks reported on June 23, 2026. The incident prompted a temporary nationwide suspension of card-based services to prevent unauthorized access. This follows an earlier wave of disruptions in mid-June.
Tejarat Bank Affected by Cyberattacks in Iran
Tejarat Bank was among three major Iranian banks affected by a wave of cyberattacks reported on June 23, 2026. The incident prompted a temporary nationwide suspension of card-based services to prevent unauthorized access. This follows an earlier wave of disruptions in mid-June.
Melli Bank Affected by Cyberattacks in Iran
Melli Bank was among three major Iranian banks affected by a wave of cyberattacks reported on June 23, 2026. The incident prompted a temporary nationwide suspension of card-based services to prevent unauthorized access. This follows an earlier wave of disruptions in mid-June.
London Hydro Discloses Data Breach Affecting Customer Information
Canadian electricity provider London Hydro announced a data breach that potentially impacted the personal and account information of its customers. The exposed data may include names, addresses, email addresses, phone numbers, account and billing numbers, service addresses, pricing plans, contract dates, and meter numbers. The utility became aware of suspicious activity on a customer account on June 18, 2026, and an investigation determined a system vulnerability was exploited. No financial or other sensitive information like dates of birth or government IDs were compromised.
American Express Insider Data Breach Reported
American Express was involved in an insider data breach where an employee accessed the personal financial information of an individual. An investigation by the Australian Privacy Commissioner found the company breached privacy laws by failing to implement adequate restrictions on staff access to customer accounts.
NAIC discloses data breach affecting PeopleSoft systems
The National Association of Insurance Commissioners (NAIC) discovered unauthorized access to its PeopleSoft systems on or about June 11, 2026. The incident was identified as a ransomware attack, with the ShinyHunters threat actor group claiming responsibility and alleging the theft of 3.1 terabytes of data, including regulatory filings, statistical reports, insurer financial statements, and rating agency files. The NAIC promptly activated incident response procedures, engaged cybersecurity experts, and is coordinating with law enforcement.