On March 17, 2026, the Missouri Department of Commerce and Insurance (DCI) issued Insurance Bulletin 26-05 to inform insurers of a recent third-party cybersecurity breach and remind them of reporting requirements.
Recently, Conduent Business Services, LLC (Conduent) suffered a cybersecurity breach affecting files that contained names, addresses, and social security numbers. The DCI strongly encourages insurers and other regulated entities that have utilized Conduent to determine if their members have been affected by the cybersecurity breach, and, in such case, ensure they have been notified by Conduent. The DCI also reminds insurers and other regulated entities of their duties to report cybersecurity breaches to the Director. The bulletin provides resources to review regarding these reporting requirements.
Please see Insurance Bulletin 26-05 for more information. For any questions regarding the bulletin, please contact marketconduct@insurance.mo.gov. For any questions regarding an entity's duties in the event of a cybersecurity breach, please contact cyberbreach@insurance.mo.gov.