Starr Insurance Data Breach Exposes Sensitive Personal and Medical Information

Starr Insurance Inc., an independent insurance agency based in Chambersburg, Pennsylvania, disclosed a data breach after discovering suspicious activity in its computer systems on Nov. 18, 2025.

An investigation conducted with the help of external cybersecurity specialists confirmed that an unauthorized actor accessed and copied files from certain company computer systems on that same date.

The company engaged an external data analytics specialist to review to the contents of the affected files.

On April 1, 2026, the Akira ransomware group claimed responsibility for the attack on the Tor network. The group stated it had obtained 15 gigabytes of organizational data from Starr Insurance. The group claimed the compromised data included employee passports, driver's licenses, Social Security numbers and other personal information, as well as financial records, customer information and non-disclosure agreements.

The confirmed types of information exposed varied by individual but may have include names, addresses, Social Security numbers, driver's license numbers, financial account information, payment card information, medical information, health insurance information and online account access information.

The company posted a notice of the data security event on its website detailing the specifics of the incident.

Starr Insurance's response to the breach

The company continues to review and enhance its existing policies and procedures related to data protection and security. It is also implementing additional security measures to help reduce risk associated with this event and to help prevent similar incidents in the future.

The company stated that affected individuals should consider taking protective steps without delay.

Individuals with questions about the incident can contact Starr Insurance by calling 833-918-6215, available Monday through Friday from 9 a.m. to 9 p.m. Eastern Time, excluding major U.S. holidays.

They may also write to the company at 1113-B Kennebec Drive, Chambersburg, Pennsylvania 17201.

Steps to take if your information was exposed

• Place a credit freeze or fraud alert with Equifax (1-800-525-6285), Experian (1-888-397-3742) and TransUnion (1-800-680-7289) to help prevent new accounts from being opened using stolen information.
• Review credit reports carefully by requesting free copies at AnnualCreditReport.com and looking for any unfamiliar accounts, inquiries or address changes.
• Monitor bank accounts and payment cards by checking statements frequently for unauthorized transactions and reporting anything suspicious to the financial institution right away.
• Change passwords and enable multi-factor authentication on online accounts, particularly any accounts that may share login credentials with those potentially compromised in this breach.
• Be cautious of phishing attempts that reference Starr Insurance by name, as criminals sometimes use real breach notifications to trick people into providing additional personal information.