Risk & Insurance Education Alliance Data Breach: Names & SSNs Exposed

On Nov. 21, 2025, The Society of Certified Insurance Counselors Inc., DBA Risk & Insurance Education Alliance disclosed a data breach to various state attorneys general offices. The cybersecurity incident exposed personally identifiable information (PII) of at least five New Hampshire residents, and potentially significantly more in other states.

According to the investigation, between June 15, 2025, and June 16, 2025, an unauthorized actor gained access to a company email account. This access allowed the actor to download files from the organization’s SharePoint system. Possible information exposed may include names, dates of birth, addresses, phone numbers and Social Security numbers.

The organization discovered the suspicious activity on June 16, 2025, and immediately disabled the compromised email account. The investigation confirmed that the unauthorized actor had access for approximately one day and was able to download sensitive files.

Risk & insurance Education Alliance disclosed the data breach to the New Hampshire Attorney General’s office on Nov. 20, 2025, and to the Massachusetts Attorney General’s office on Nov. 21, 2025. The investigation is ongoing and the exact number of impacted individuals is not yet known. The company has begun notifying impacted individuals by mail.

Risk & Insurance Education Alliance's response

After discovering the breach, the organization took immediate action to secure its email environment and prevent further unauthorized access. As part of their response, they have implemented additional technical security measures and are reviewing and enhancing their existing policies and procedures to prevent similar incidents in the future.

If you receive notification from Risk & Insurance Education Alliance or your provider about this breach, you may want to:

• Sign up for the free IDX identity theft protection services, offered by Risk & Insurance Education Alliance.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.