Relation Insurance Services Inc. reported Tuesday it may have been affected by a data breach over a two-day period in August but has found no evidence of the information’s misuse.

Walnut Creek, California-based Relation said in a statement issued by its Johns Creek, Georgia, office that the broker became aware of
“unusual activity” in an employee’s email account on Aug. 15, 2019, and immediately launched an investigation with the assistance of third-party computer forensics specialists to determine what may have happened and what information may have been affected.

The investigation determined an unknown individual had access to the email account on Aug. 14-15, 2019. On Oct. 16, 2019, Relation, which was formerly Ascension Insurance Inc., confirmed personal information was present in the mail account and began reviewing its files to determine which business partners were associated with this information.

On Dec. 13, it provided notice of this incident to its insurance provider partners. “To date, Relation has no evidence to suggest actual or attempted misuse of information as a result of this event,” the statement said.

Relation said the potentially affected information varied by insurer and individual, and the  information  present in the email account at the time of the incident included the following identifiers: name, address, telephone number, email address, date of birth, Social Security number, passport number, driver's license or state-issued identification number, copy of marriage or birth certificate, account and routing number, financial institution name, credit/debit card number, PIN, expiration date, treatment information, prescription information, provider name, medical record number, patient ID, health insurance information, treatment cost, medical history, mental or physical condition, diagnosis code, procedure type, procedure code, treatment location, admission date, discharge date, medical device number, and date of death.

The brokerage said in the statement it has taken steps to confirm its system’s and email accounts’ security.

It did not respond to a query as to how many records were involved.