Cyber Incident Victim: Pacific Specialty Insurance Company

Pacific Specialty Insurance Company experienced a cybersecurity incident involving unauthorized access to employee email accounts between March 20 and March 30, 2019. The breach remained undetected until June 14, 2019, when suspicious activity prompted an internal investigation supported by third-party forensic experts. Investigators confirmed that threat actors had compromised multiple employee email accounts during the 10-day intrusion window. The company initiated a comprehensive review of all files within the affected accounts to determine the scope of potentially accessed data. This forensic examination revealed that exposed information included names, Social Security numbers, driver's licenses, government IDs, financial account details, payment card information, medical records, and health insurance data. The compromised records affected an undisclosed number of plan members and other individuals whose information resided in the targeted email accounts.

Pacific Specialty's response included immediate credential resets for all employee email accounts upon detecting the breach in June 2019. The organization spent nearly five months conducting forensic analysis before identifying impacted individuals on November 7, 2019. Subsequent efforts to gather current contact information for notification extended through January 14, 2020. The company implemented multifactor authentication and enhanced email security controls following the incident. Beginning January 24, 2020—ten months after the initial breach—Pacific Specialty mailed notification letters to affected individuals with verified postal addresses and offered 12 months of complimentary credit monitoring services. The delayed disclosure timeline reflected the prolonged investigation period required to determine breach scope and locate impacted parties rather than immediate public notification upon incident discovery.