Business Insurance Services Data Breach Exposes SSNs

On April 9, 2025, Business Insurance Services, Inc. reported a data breach to the Massachusetts Attorney General's office, disclosing that sensitive personal and financial information of consumers was exposed. The compromised data included personally identifiable information (PII) such as first and last names, Social Security numbers, government identification cards, and sensitive financial information, including bank account numbers, routing numbers, and payment card numbers.

At this time, Business Insurance Services, Inc. has not publicly disclosed exactly how the breach occurred or who was responsible for the unauthorized access. The company has indicated that upon discovering the incident, they immediately took steps to secure their systems and prevent further unauthorized access. They also engaged legal counsel and external IT forensic specialists to investigate the scope and nature of the breach.

Given the nature of the exposed data, including Social Security numbers and financial account details, the data breach is considered serious. Such information can potentially be used for identity theft, financial fraud, or other malicious activities.

Business Insurance Services' response

In response to the data breach, Business Insurance Services has taken steps to secure their systems and has initiated an investigation with the assistance of external cybersecurity experts. They have also provided affected individuals with access to identity protection services, including Single Bureau Credit Monitoring, Single Bureau Credit Report, and Single Bureau Credit Score services at no cost for 24 months. These services, provided by Cyberscout (a TransUnion company), include proactive fraud assistance and alerts when changes occur in the individual's credit file.

If you received a notification letter from Business Insurance Services, Inc., you should promptly enroll in the provided identity protection services. Enrollment instructions and unique activation codes are included in the notification letter. You can activate your credit monitoring services by visiting the Cyberscout activation page.

Additionally, the company recommends that affected individuals remain vigilant by regularly reviewing account statements and credit reports for suspicious activities. If you notice any unusual activity, you should immediately contact your financial institution or credit reporting agencies. For further assistance or questions, you can contact the dedicated assistance line provided by TransUnion at 1-800-405-6108, Monday through Friday, excluding major U.S. holidays. More information is also available on the TransUnion website.

For detailed information about the incident, you can review the official disclosure filed with the Massachusetts Attorney General's office at the Massachusetts Attorney General's website. Additionally, Business Insurance Services, Inc. has posted information about the data breach on their own company website.