Starr Insurance Data Breach: Akira Ransomware Group Exfiltrates 15GB of Sensitive Data
In November 2025, Starr Insurance, Inc., a Pennsylvania-based insurance agency, suffered a data breach after an unauthorized actor accessed and copied files from its network. The ransomware group Akira later claimed responsibility for the attack in April 2026, stating it had exfiltrated 15 gigabytes of data, which was subsequently listed for download on its leak site.
Despite the breach occurring in late 2025, Starr Insurance did not begin notifying affected individuals until May 6, 2026 a delay that may have violated federal or state data protection regulations. The compromised data includes highly sensitive information such as names, addresses, Social Security numbers, driver’s license numbers, financial account details, payment card information, medical records, health insurance data, and online account credentials.
Legal firm Schubert Jonckheer & Kolbe LLP is currently investigating the incident, noting that impacted individuals may face risks of identity theft and privacy violations. The breach has raised concerns about Starr Insurance’s cybersecurity practices and compliance with notification requirements.
Source: https://www.classactionlawyers.com/blog/starrinsurance
Starr cybersecurity rating report: https://www.rankiteo.com/company/starr-insurance
"id": "STA1778283287",
"linkid": "starr-insurance",
"type": "Ransomware",
"date": "11/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Insurance',
'location': 'Pennsylvania, USA',
'name': 'Starr Insurance, Inc.',
'type': 'Insurance Agency'}],
'attack_vector': 'Unauthorized access',
'customer_advisories': 'Notifications sent to affected individuals starting '
'May 6, 2026',
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'Highly sensitive',
'type_of_data_compromised': ['Names',
'Addresses',
'Social Security numbers',
'Driver’s license numbers',
'Financial account details',
'Payment card information',
'Medical records',
'Health insurance data',
'Online account credentials']},
'date_detected': '2025-11',
'date_publicly_disclosed': '2026-04',
'description': 'In November 2025, Starr Insurance, Inc., a Pennsylvania-based '
'insurance agency, suffered a data breach after an '
'unauthorized actor accessed and copied files from its '
'network. The ransomware group *Akira* later claimed '
'responsibility for the attack in April 2026, stating it had '
'exfiltrated 15 gigabytes of data, which was subsequently '
'listed for download on its leak site. Despite the breach '
'occurring in late 2025, Starr Insurance did not begin '
'notifying affected individuals until May 6, 2026, a delay '
'that may have violated federal or state data protection '
'regulations. The compromised data includes highly sensitive '
'information such as names, addresses, Social Security '
'numbers, driver’s license numbers, financial account details, '
'payment card information, medical records, health insurance '
'data, and online account credentials.',
'impact': {'brand_reputation_impact': 'Raised concerns about cybersecurity '
'practices and compliance',
'data_compromised': '15GB of sensitive data',
'identity_theft_risk': 'High',
'legal_liabilities': 'Potential violations of federal or state '
'data protection regulations',
'payment_information_risk': 'High'},
'initial_access_broker': {'data_sold_on_dark_web': 'Listed for download on '
'leak site'},
'investigation_status': 'Ongoing',
'motivation': 'Data exfiltration, Financial gain',
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'Akira'},
'references': [{'source': 'Legal firm Schubert Jonckheer & Kolbe LLP'}],
'regulatory_compliance': {'legal_actions': 'Under investigation by Schubert '
'Jonckheer & Kolbe LLP',
'regulations_violated': 'Potential federal or state '
'data protection '
'regulations'},
'response': {'communication_strategy': 'Notifications began on May 6, 2026',
'third_party_assistance': 'Legal firm Schubert Jonckheer & Kolbe '
'LLP investigating the incident'},
'threat_actor': 'Akira Ransomware Group',
'title': 'Starr Insurance Data Breach: Akira Ransomware Group Exfiltrates '
'15GB of Sensitive Data',
'type': 'Data Breach, Ransomware'}