
MassMutual Warns Of Data Breach

Database may have been compromised via third-party vendor

Nov 10, 2009 | 05:52 AM

By Tim Wilson
DarkReading

A leak at a third-party service provider may have caused a compromise of employee and customer data at insurance giant MassMutual, the company says.

According to news reports, former employees are being notified of a breach that may affect the personal information of family members, as well.

"MassMutual can confirm that, despite comprehensive procedures and diligent practices to protect confidential and private data concerning employees at MassMutual and several of its subsidiaries, a limited amount of personal employee information maintained in a database by an outside vendor (engaged by the company) may have been subject to unauthorized access," said spokesman Jim Lacey, in a statement from MassMutual.

"However, the vendor engaged a highly respected forensics team to investigate, and at this time we believe that no misuse of the information or fraudulent activity involving the data has occurred. This database does not include any client or field representative information of any type; it also did not contain personal Social Security or bank account information.

"Importantly, as a precautionary measure, we have taken swift and prudent measures to further protect these employees through actions that include timely notice and detailed information, as well as a free subscription provided by the vendor for credit monitoring services," Lacey's statement says. "The company is also working closely with the vendor to ensure every measure is taken to fully resolve this situation and to better prevent this from happening in the future."

The company did not say which databases were affected by the breach or how they were compromised.










