Roger Keith & Sons Insurance Agency, an independent insurance provider, suffered a **data breach** after a **phishing attack** allowed a threat actor to access an employee’s email account and the company’s internal network via a remote desktop tool. The breach, discovered on **January 27, 2025**, was investigated until **October 6, 2025**, when it was confirmed that **personally identifiable information (PII) and protected health information (PHI)** were compromised. Exposed data included **full names, Social Security numbers, dates of birth, driver’s license numbers, military/US government IDs, mothers’ maiden names, passport numbers, usernames/passwords, credit/debit card details (with access info), financial account numbers, and limited health-related information**.

The breach potentially affected **thousands of clients**, though the exact number remains undisclosed. The company notified victims via mail (starting **October 29, 2025**), published a **Notice of Data Security Incident**, and reported the incident to state authorities (e.g., **Massachusetts and Maine Attorneys General**). In response, Roger Keith & Sons secured the compromised systems, engaged **third-party cybersecurity experts**, and offered **12 months of free Experian IdentityWorks credit monitoring** to affected individuals with exposed Social Security numbers. A **dedicated toll-free helpline** was also established for client inquiries.
Source: https://www.claimdepot.com/data-breach/roger-keith-insurance-2025
TPRM report: https://www.rankiteo.com/company/roger-keith-&-sons-insurance-agency
"id": "rog1532615103125",
"linkid": "roger-keith-&-sons-insurance-agency",
"type": "Breach",
"date": "1/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Thousands (exact number '
'undisclosed)',
'industry': 'Insurance',
'name': 'Roger Keith & Sons Insurance Agency',
'type': 'Independent Insurance Agency'}],
'attack_vector': ['Phishing', 'Remote Desktop Tool'],
'customer_advisories': ['Notified via mail (Oct. 29, 2025)',
'Dedicated toll-free response line (833-594-5303)',
'Website notice published'],
'data_breach': {'data_exfiltration': True,
'number_of_records_exposed': 'Thousands (exact number '
'undisclosed)',
'personally_identifiable_information': ['Full names',
'Social Security '
'numbers',
'Dates of birth',
'Driver’s license '
'numbers',
'Military/US '
'government-issued '
'IDs',
'Mothers’ maiden '
'names',
'Passport numbers',
'Usernames and '
'passwords'],
'sensitivity_of_data': 'High (includes SSNs, financial data, '
'and health-related information)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Protected Health Information '
'(PHI)']},
'date_detected': '2025-01-27',
'date_publicly_disclosed': '2025-10-29',
'description': 'Roger Keith & Sons Insurance Agency, an independent insurance '
'agency, experienced a data breach exposing sensitive '
'personally identifiable information (PII) and protected '
'health information (PHI). A threat actor gained access to an '
'employee email account and the internal network via a '
'phishing attack and remote desktop tool. The breach was '
'discovered on Jan. 27, 2025, with the investigation '
'concluding on Oct. 6, 2025. Affected data included full '
'names, Social Security numbers, dates of birth, driver’s '
'license numbers, military/US government IDs, mothers’ maiden '
'names, passport numbers, usernames/passwords, credit/debit '
'card details, financial account numbers, and limited '
'health-related information. Thousands of clients may have '
'been impacted. The agency notified affected individuals by '
'mail on Oct. 29, 2025, and offered 12 months of free Experian '
'IdentityWorks credit monitoring to those with compromised '
'Social Security numbers.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'exposure of sensitive client data',
'data_compromised': ['Full names',
'Social Security numbers',
'Dates of birth',
'Driver’s license numbers',
'Military/US government-issued identification '
'numbers',
'Mothers’ maiden names',
'Passport numbers',
'Usernames and passwords',
'Credit/debit card numbers with access '
'information',
'Financial account numbers with access '
'information',
'Limited health-related information'],
'identity_theft_risk': 'High (due to exposure of PII and financial '
'data)',
'legal_liabilities': 'Disclosures made to state authorities (e.g., '
'Massachusetts and Maine Attorney Generals '
'offices)',
'payment_information_risk': 'High (credit/debit card numbers and '
'financial account details exposed)',
'systems_affected': ['Employee email account', 'Internal network']},
'initial_access_broker': {'entry_point': ['Phishing attack',
'Remote desktop tool'],
'high_value_targets': ['Employee email account',
'Internal network']},
'investigation_status': 'Completed (as of Oct. 6, 2025)',
'post_incident_analysis': {'root_causes': ['Phishing attack leading to '
'unauthorized access via remote '
'desktop tool']},
'recommendations': ['Sign up for free credit monitoring services (if '
'offered).',
'Monitor credit reports and financial accounts for '
'unusual activity.',
'Be alert for phishing emails/phone calls exploiting '
'exposed information.',
'Consider placing a fraud alert or credit freeze with '
'major credit bureaus.'],
'references': [{'source': 'Roger Keith & Sons Insurance Agency - Notice of '
'Data Security Incident'}],
'regulatory_compliance': {'regulatory_notifications': ['Massachusetts '
'Attorney General’s '
'Office',
'Maine Attorney '
'General’s Office']},
'response': {'communication_strategy': ['Notified affected individuals by '
'mail (Oct. 29, 2025)',
'Published Notice of Data Security '
'Incident on website',
'Established dedicated toll-free '
'response line (833-594-5303, Mon-Fri '
'9:00 a.m. to 9:00 p.m. ET)'],
'containment_measures': ['Secured affected network',
'Secured compromised email account'],
'incident_response_plan_activated': True,
'recovery_measures': ['Offered 12 months of free Experian '
'IdentityWorks credit monitoring to '
'affected individuals'],
'third_party_assistance': 'Engaged third-party cybersecurity '
'professionals'},
'title': 'Roger Keith & Sons Insurance Agency Data Breach',
'type': ['Data Breach', 'Phishing', 'Unauthorized Access']}