Cove Risk Services Reports Data Breach Affecting 49,385 Individuals
Post Summary
Cove Risk Services, a risk management company, has disclosed a significant data breach that compromised sensitive personal information of 49,385 individuals across the United States. The breach, which was discovered on May 5, 2025, was determined to have occurred on or around May 3, 2025. An investigation revealed that unauthorized access or acquisition of data had taken place on the company's network.
Sensitive Information Exposed
The company confirmed that the breach involved a wide range of sensitive information, including:
- Names
- Social Security Numbers
- Dates of Birth
- Addresses
- Driver’s License or State-Issued Identification Numbers
- Passport Numbers
- Medical Information
- Health Insurance Information
- Financial Account Information
According to an official disclosure filed with the Maine Attorney General, the breach impacted 182 residents of Maine. The details were further outlined in Cove Risk Services’ notice published on their website.
sbb-itb-535baee
Timeline of Events
After identifying the network disruption on May 5, 2025, Cove Risk Services launched a comprehensive review of the incident. The investigation was completed on November 10, 2025. Affected individuals began receiving notifications of the breach starting December 12, 2025.
Company Response and Recommendations
In response to the breach, Cove Risk Services is offering affected individuals complimentary credit monitoring and identity protection services through Cyberscout, a TransUnion company. These services are available for 12 months, and individuals are encouraged to enroll within 90 days of receiving their notification letters. A dedicated assistance line has also been established to handle inquiries and provide support.
Given the nature of the compromised data, Cove Risk Services advises individuals to remain vigilant in monitoring their financial and personal information. Regularly reviewing credit reports and account statements for suspicious activity is strongly recommended. Additionally, affected individuals have the option to place a fraud alert or credit freeze on their credit files at no cost as an extra layer of protection.
Heightened Awareness for Victims
The combination of personally identifiable information (PII) and protected health information (PHI) exposed in this breach heightens the risk of identity theft or fraud. Cove Risk Services has urged all affected individuals to take the necessary precautions to safeguard their financial and personal information.
The company’s disclosure of the breach reflects the ongoing challenges organizations face in protecting sensitive data from increasingly sophisticated cyber threats. For individuals impacted by this incident, proactive measures remain critical to minimizing potential harm.
