"Aon Hack Exposed Sensitive Information of 146,000 Customers"

Aon recently disclosed that 145,889 of its North American customers had their sensitive information exposed in a significant data breach.  The British multinational financial services firm that sells a range of risk-mitigation products stated that hackers breached its systems "at various times" from December 29, 2020, to February 26, 2022.  Aon disclosed the breach in a Securities & Exchange Commission filing in February.  Further details were disclosed three months later, on May 26.  On May 27, Aon told affected individuals that affected personally identifiable information includes driver's license numbers, Social Security numbers, and "in a small number of cases, benefits enrolment information." Aon stated that it has taken steps to confirm that the unauthorized third party no longer has access to the data and has no indication that the unauthorized third party further copied, retained, or shared any data.  Aon stated, "we have no reason to suspect your information has or will be misused." Affected customers were offered 24-month membership with an identity-protection firm.  Aon faces at least two lawsuits from plaintiffs as a result of the data breach.  
 

Infosecurity reports: "Aon Hack Exposed Sensitive Information of 146,000 Customers"