Skip to main content
data on computer data on computer

Hub International Data Breach Investigation

Written by The Lyon Firm on . Posted in Data Breach.

Thank you for considering The Lyon Firm. At this time, we are not accepting plaintiffs related to this specific consumer issue. However, if you would like to be contacted in the future, please complete the contact form. By completing the form you will be contacted if the Firm begins accepting new cases on this matter, and you will also be included in firm news alerts related to important consumer safety and privacy issues to help keep you informed about related issues.

The Lyon Firm is investigating a security breach at Hub International that may have impacted over 475,000 individuals. The firm is committed to representing victims and seeking compensation for plaintiffs. Contact our lawyers for a free consult and to discuss legal action.

Hub International Limited (HUB), a parent company of insurance brokerage firms, provides property, casualty, risk management, life and health, employee benefits, investment, and wealth management products and services.

Hub is now providing notice of a data privacy incident in January 2023 when suspicious activity was detected on certain IT systems. An investigation concluded that portions of the Hub network were accessed by an unauthorized individual and files were copied.

What information has been compromised?

A data breach review is still ongoing, but the company has determined that the data contains information related to current and former employees, individuals for whom Hub places insurance policies, and individuals related to insurance carriers and employers to whom Hub provides services. The following may have been leaked:

  • Names
  • Social Security numbers
  • Driver’s license numbers
  • Passport numbers
  • Financial account information
  • Health insurance information
  • Medical information

The Lyon Firm believes that companies have a duty to protect personal data and to engage in the following system security measures:

  • Carefully monitor data security systems for intrusions
  • Ensure that third party vendors with access to computer networks and data employ their own security procedures
  • Train employees to safely handle of emails containing PII and maintain adequate email security practices
  • Implement technical policies and procedures to allow electronic access only to individuals or software programs granted access rights
  • Implement procedures to review records of information system activity regularly, such as audit logs, access reports and security incident tracking reports
  • Protect against reasonably anticipated threats or hazards to the security or integrity of electronic data

The Lyon Firm has experience nationwide in a wide variety of privacy litigation