SecurityWeek reports that U.S. insurance company Johnson & Johnson had personal information from 3,200 individuals compromised following a data breach on its network in August.
Investigation into the incident conducted by a third party revealed that attackers may have accessed insurance practice files kept in a network location, said the insurer in breach notification letters, which have also been filed with the Office of the Maine Attorney General.
While the types of personal information that had been exfiltrated as a result of the incident were not specified, Johnson & Johnson emphasized that there has been no evidence suggesting the misuse of the compromised data while offering complimentary credit monitoring and identity restoration services to individuals affected by the breach.
Additional details regarding the incident remain scant and no threat actor has taken responsibility for the attack against the insurance firm.
