The Maryland Insurance Administration is cautioning consumers that their personal information might have been exposed after several insurance companies operating in the state reported being victims of the MOVEit data breach. Depending on local laws, insurance and other companies can be required to notify consumers if personal information was comprised during a data breach. Information that was potentially exposed includes Social Security numbers, birth dates and other identifying information, according to the Maryland insurance regulator, which noted it has only received breach notices from insurers that issue life, annuity and long-term care products. The MOVEit data breach is a massive event, impacting more than 1 million people so far. Jackson National Life Insurance Co., for example, had as many as 800,000 customers affected by the event, according to Console & Associates, P.C., which is investigating claims on behalf of the life insurer. According to the Maryland Insurance Administration, the MOVEit hack is thought to have been carried out by Clop, a Russian hacking group, and has impacted organizations across the U.S. and Europe. The above slideshow offers guidance on the steps to take after your personal information has been exposed following a data breach, according to the Maryland Insurance Administration. Related:

• Developing proactive cyberthreat intelligence
• The Merck Judgment: Implications for cyber insurers and policyholders
• Zero-day vulnerabilities: The hidden threat to the insurance industry