Marsh McLennan (Marsh, Mercer, GuyCarpenter, and OliverWyman)

I use for notifications about breaches. This interesting snippet popped up on my feed this morning. It’s a letter from Marsh McLennan to the Office of the Attorney General of Iowa about a breach that occurred in April. I didn’t see any other news on this.

From the letter it seems that Marsh are following the correct steps, though if this was in GDPR-land they would have failed to notify the regulator within 72 hours (Article 33).

Original Article