Data breaches can affect a large number of people, and when they are initially reported, those figures could be in the millions.

However, just because one number is reported when the data breach is disclosed does not mean that the matter is closed.

As organizations handle the fallout of a breach, additional victims may be discovered, and that large figure only ends up growing from there.

In this installment of the BlackCloak Thursday Threat Update, we’ll cover a breach where that exact situation took place, as well as a breach impacting 1.5 million insurance broker customers.


New disclosure adds 4M victims to previously reported breach, bringing total to 13M

What we know: Concentra Health Services filed a data breach report to the Department of Health and Human Services stating nearly four million people were affected by another previously reported data breach. Concentra said the incident was tied to a breach reported by medical transcription company Perry Johnson & Associates last year that affected nine million people, thus, bringing the total number of people affected by the breach to nearly 13 million. Compromised data points included patients’ names, dates of birth, Social Security numbers and other medical information.

Recommendations: Anyone affected by the Concentra breach should consider placing a credit freeze and fraud alert on their accounts as soon as possible given the exposure of Social Security numbers. Anyone affected by the breach should also follow the steps outlined by the New York Attorney General, which was sent out when the PJ&A breach was first reported in 2023.


Insurance broker breach affects 1.5M

What we know: Insurance consulting and broker firm Keenan & Associates announced it experienced a data breach affecting 1.5 million customers. An unauthorized individual gained access to Keenan’s internal servers from August 21 to August 27, 2023. Customers’ names, dates of birth, Social Security numbers, passport numbers and driver’s license numbers were exposed in the breach.

Recommendations: Similar to the breach highlighted earlier, Keenan customers should place a credit freeze and fraud alert on their accounts immediately. In its notice on the breach, Keenan said it has set up a phone line customers can call regarding the breach, and recommends obtaining copies of credit reports, to pay attention to bills for any suspicious activity, and offers resources for customers living in various states around the country.


Be proactive and reactive when necessary

Data breaches are an unfortunate byproduct of our increasingly digital lives, but that doesn’t mean you can’t take precautionary measures to protect your personal data. And thanks to the resources available, you can also react quickly to minimize your risk should a data breach notification letter land in your inbox.


Learn more about how two-factor authentication can protect your accounts, and the steps you should take to respond to a data breach.


Get a demo