ECBM LP Data Breach Exposes Social Security Numbers and Driver’s License Numbers

Insurance data breach illustration
Breach Discovery: Not Publicly DisclosedBreach Notification: 3rd June 2026

What Happened in the ECBM LP Data Breach?

ECBM LP, a family-owned insurance brokerage and consulting firm based in Media, Pennsylvania, recently confirmed a data breach that put sensitive personal information at risk. According to the company’s notification, unauthorized access to its systems occurred in October 2024. This means the incident sat undetected or under investigation for a significant stretch before ECBM notified affected individuals.

The exact method used by the attacker has not been publicly disclosed. However, the ECBM LP data breach involved unauthorized access to files containing sensitive personal data. As a result, the company had to determine which individuals’ information was involved before it could issue notifications.

Once ECBM became aware of the issue, it launched an investigation to assess the scope of the exposure. This process took time, since the company needed to review affected files and confirm exactly which data elements were compromised. Because of this careful review, notification letters did not go out until June 3, 2026, well after the breach itself occurred.

ECBM has not shared further technical details about how the intrusion happened or who was responsible. Still, the company’s decision to notify individuals and regulators across multiple states shows it treated the incident seriously once the investigation concluded.

Who was affected?

The ECBM LP data breach affected approximately 8,112 individuals across the United States. This includes people whose personal information was stored in ECBM’s systems, likely a mix of insurance clients and possibly employees, though the exact relationship between ECBM and each affected person has not been detailed publicly.

State-level filings shed some light on the geographic spread. For example, Massachusetts reported 33 affected residents, while New Hampshire reported eight, Indiana reported 33, and Vermont reported just one. These figures represent only a portion of the total number affected nationwide, since most impacted individuals reside in other states.

Because ECBM is an insurance brokerage, the affected population may include policyholders and their beneficiaries whose sensitive records were held for underwriting or claims purposes. It has not been publicly disclosed whether minors are among those affected, but insurance files often include dependents, so this remains a possibility worth noting.

What Information Was Potentially Exposed?

The data compromised in this breach is particularly sensitive because it includes information that can be used to commit identity theft. ECBM confirmed the following categories of personal information were exposed:

  • Full names
  • Social Security numbers
  • Driver’s license numbers
  • Government-issued identification numbers

This combination of data is especially concerning. Unlike a password or account number, a Social Security number cannot easily be changed, which means the risk from this exposure can last for years. In addition, driver’s license and government ID numbers can help fraudsters impersonate victims when opening new accounts or applying for loans.

Because of this, affected individuals face a heightened risk of identity theft, tax fraud, and unauthorized account openings. Criminals often combine stolen Social Security numbers with names and addresses to apply for credit cards or loans in someone else’s name. As a result, victims may not discover the fraud until they see unfamiliar charges or a sudden drop in their credit score.

Beyond financial fraud, exposed government ID numbers can also be used to create fake identification documents. This means affected individuals should remain alert not just for financial fraud, but also for signs that someone is using their identity in non-financial contexts, such as employment or medical services.

What is the company doing?

In response to the breach, ECBM began notifying affected individuals by letter starting June 3, 2026. The letters explained what happened and outlined the specific types of information involved for each recipient. ECBM also included instructions on how to enroll in free protective services.

Specifically, ECBM is offering 24 months of free single-bureau credit monitoring, along with credit report and credit score access, through Cyberscout. In addition, the company is providing proactive fraud assistance to help individuals who have questions or who become victims of fraud connected to this incident.

To enroll, affected individuals must visit the Cyberscout activation page and enter the unique code provided in their letter. Importantly, enrollment must be completed within 90 days of the letter’s date, so prompt action is necessary to take advantage of these free services.

ECBM also set up a dedicated toll-free phone line for people with questions not answered in the notification letter. The line operates Monday through Friday from 8 a.m. to 8 p.m. Eastern Time, excluding major U.S. holidays, giving affected individuals a direct way to seek clarification.

What Should Affected Individuals Do?

Enroll in the Free Credit Monitoring Services

If you received a notification letter from ECBM, you should enroll in the free credit monitoring service as soon as possible. This service can help detect suspicious activity on your credit file before it causes serious damage.

Because enrollment must happen within 90 days of your letter’s date, it’s important not to delay. Simply visit the Cyberscout enrollment page and enter the unique code from your letter to activate the service right away.

Place a Fraud Alert or Credit Freeze

Given that Social Security numbers and driver’s license numbers were exposed, placing a fraud alert or credit freeze is a strong protective step. A fraud alert requires creditors to verify your identity before opening new accounts in your name, while a credit freeze restricts access to your credit report entirely.

You can request a fraud alert or freeze by contacting any one of the three major credit bureaus: Equifax, Experian, or TransUnion. Contacting just one bureau for a fraud alert is enough, since it must notify the other two on your behalf. For a credit freeze, however, you will need to contact each bureau separately.

Monitor Your Financial Accounts and Credit Reports

In addition to enrolling in monitoring services, you should regularly review your bank and credit card statements for unfamiliar transactions. Early detection can make a significant difference in limiting financial damage from identity theft.

You’re also entitled to a free credit report from each of the three major bureaus once per year through AnnualCreditReport.com. Reviewing these reports periodically can help you spot new accounts or inquiries you didn’t authorize.

Stay Alert for Phishing Attempts

After a data breach, scammers often use stolen information to craft convincing phishing emails, texts, or phone calls. Because your name and personal details were exposed, you may become a target for these scams.

Therefore, be cautious of unexpected messages asking you to verify personal information or click on links. Legitimate companies rarely ask for sensitive details through email or text, so if something feels off, contact the organization directly using a verified phone number instead of responding.

Consider Consulting a Data Breach Attorney

If you’re concerned about how this breach may affect you long-term, it may help to speak with a data breach attorney. An attorney can review your specific situation and explain what legal options might be available to you.

Many attorneys offer free consultations for data breach cases, so there’s little risk in exploring your options. This is especially worth considering if you experience actual fraud or financial loss connected to this incident.



More Information

ECBM LP

33 Massachusetts residents

eight New Hampshire residents

33 Indiana residents

one Vermont resident

Cyberscout enrollment page

Related Data Breaches