Skip Ribbon Commands
Skip to main content

Notice of Data Breach; Single Employee Email Accessed; No Member or For-Profit Affiliate Data Systems Involved

What Happened

In November 2018, IIABA was the victim of a security incident whereby an unauthorized individual obtained access to a single IIABA email mailbox.  No member or for-profit affiliate data systems were involved. As part of this incident, it became evident that certain individuals' personal information (primarily consisting of current and former employees) may have been viewed, accessed, or acquired by the unauthorized individual. To the best of our knowledge, this unauthorized activity began on November 6, 2018. The activity was discovered on or around November 29, 2018.

At this time, there is no indication that any personal information was viewed or used inappropriately. However, out of an abundance of caution, we have provided notice to individuals identified as potentially affected.    

What Information Was Involved

As a result of our investigation to date, we determined on March 1, 2019 that certain individuals' names, addresses, social security numbers, financial information, and other personal data may have been potentially exposed.

What We Are Doing

Upon discovery of the incident, IIABA immediately changed all relevant network passwords and alerted the technology staff to monitor closely for any subsequent events. IIABA has retained an outside forensics firm to analyze and investigate the security incident.

What You Can Do

Please review the below section entitled Steps You Can Take to Further Protect Your Information further information on steps you can take to protect your information.

For More Information

For further information and assistance, please contact Kathy Tilson or Inês Hoyle toll free at (800) 221-7917.​


Steve Cocke
Chief Financial Officer

Steps You Can Take to Further Protect Your Information


Review Your Account Statements and Notify Law Enforcement of Suspicious Activity


As a precautionary measure, we recommend that you remain vigilant by reviewing your account statements and credit reports closely. If you detect any suspicious activity on an account, you should promptly notify the financial institution or company with which the account is maintained. You also should promptly report any fraudulent activity or any suspected incidence of identity theft to proper law enforcement authorities, your state attorney general, and/or the Federal Trade Commission.


To file a complaint with the FTC, go to or call 1-877-ID-THEFT (877-438-4338). Complaints filed with the FTC will be added to the FTC's Identity Theft Data Clearinghouse, which is a database made available to law enforcement agencies.


Copy of Credit Report


You may obtain a free copy of your credit report from each of the three major credit reporting agencies once every 12 months by visiting, calling toll-free 877-322-8228, or by completing an Annual Credit Report Request Form and mailing it to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348. You can print a copy of the request form at Or you can elect to purchase a copy of your credit report by contacting one of the three national credit reporting agencies. Contact information for the three national credit reporting agencies for the purpose of requesting a copy of your credit report or for general inquiries is provided below:



(800) 685-1111

P.O. Box 740241

Atlanta, GA 30374



(888) 397-3742

535 Anton Blvd., Suite 100

Costa Mesa, CA 92626



(800) 916-8800

P.O. Box 6790

Fullerton, CA 92834

Fraud Alert


You may consider placing a fraud alert on your credit report. An initial fraud alert is free and will stay on your credit file for at least 90 days. The alert informs creditors of possible fraudulent activity within your report and requests that the creditor contact you prior to establishing any accounts in your name. To place a fraud alert on your credit report, contact any of the three credit reporting agencies identified above. Additional information is available at


Security Freeze


You may have the right to put a credit freeze, also known as a security freeze, on your credit file, so that no new credit can be opened in your name without the use of a PIN number that is issued to you when you initiate a freeze. A credit freeze is designed to prevent potential credit grantors from accessing your credit report without your consent. If you place a credit freeze, potential creditors and other third parties will not be able to get access to your credit report unless you temporarily lift the freeze. Therefore, using a credit freeze may delay your ability to obtain credit. In addition, you may incur fees to place, lift and/or remove a credit freeze. Credit freeze laws vary from state to state. The cost of placing, temporarily lifting, and removing a credit freeze also varies by state, generally $5 to $20 per action at each credit reporting company. Unlike a fraud alert, you must separately place a credit freeze on your credit file at each credit reporting company. Since the instructions for how to establish a credit freeze differ from state to state, please contact the three major credit reporting companies as specified below to find out more information:


Equifax: P.O. Box 105788, Atlanta, GA 30348,

Experian: P.O. Box 9554, Allen, TX 75013,

TransUnion LLC: P.O. Box 2000, Chester, PA, 19022-2000,


You can obtain more information about fraud alerts and credit freezes by contacting the FTC or one of the national credit reporting agencies listed above. The contact information for the Federal Trade Commission is as follows:

Federal Trade Commission
600 Pennsylvania Avenue, NW
Washington, DC 20580
1-877-ID-THEFT (877-438-4338)

Additional Free Resources on Identity Theft


You may wish to review the tips provided by the Federal Trade Commission on how to avoid identity theft. For more information, please visit or call 1-877-ID-THEFT (877-438-4338).

​127 South Peyton Street
Alexandria VA 22314
​phone: 800.221.7917
fax: 703.683.7556

Follow Us!

​Empowering Trusted Choice®
Independent Insurance Agents.