Strauss Borrelli PLLC, a leading data breach law firm, is investigating QBE Insurance Corporation, which does business as QBE North America (“QBE”) and its business partner, HealthEquity, Inc. regarding its recent data breach. The QBE data breach involved sensitive personal information and protected health information belonging to an undetermined number of individuals.
ABOUT QBE INSURANCE CORPORATION D/B/A QBE NORTH AMERICA:
QBE is a global insurance company based in Sydney, Australia. Founded in 1886, QBE operates out of 27 countries around the globe, with a presence in every key insurance market.2 Leveraging its deep expertise and insights, QBE offers commercial, crop and specialty products and risk management solutions to help people and businesses manage risks, build strength and embrace change to their advantage.3 In 1991, QBE North America was established as QBE’s North American division. In 2023, QBE North America reported gross written premiums of $7.6 billion.2 Today, QBE North America is headquartered in New York, New York and employs over 1,000 individuals. 2
WHAT HAPPENED?
Recently, QBE reported to the Attorney General of the Commonwealth of Massachusetts that it had experienced a data breach in which the sensitive personal identifiable information and protected health information in its systems may have been accessed and acquired. According to the breach notice, QBE was impacted by the HealthEquity data breach that took place on March 25, 2024. Through its investigation, HealthEquity learned that an unauthorized third party had accessed a data repository outside its main systems. As a result, HealthEquity launched an investigation to determine the nature of the incident.
After learning that sensitive data was compromised. HealthEquity began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. On June 26, 2024, HealthEquity finalized this review. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Address and other contact information
- Date of birth
- Employer and employee ID
- Payment card transaction information
- Health insurance information (e.g., health card number, health plan member identifier)
- HealthEquity benefit type (e.g., FSA, HRA, HAS, Lifestyle, Commuter, COBRA) for employees as well as dependent information
As a result of the data breach, QBE began mailing data breach notification letters to impacted individuals. Based on the breach notice sent to Massachusetts residents, QBE is providing affected individuals with a list of the specific type of sensitive information impacted and complimentary credit monitoring services. A link to the breach notification letter that QBE filed with the Attorney General of Massachusetts is below, as well as the notice HealthEquity posted on their website.
If you received a beach notification letter from QBE Insurance Corporation d/b/a QBE North America:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
