Giant US insurer admits second data hack

Giant US insurer admits second data hack

Giant US insurer admits second data hack | Insurance Business America

Cyber

Giant US insurer admits second data hack

Tens of thousands affected

Prudential Insurance has announced that hackers stole the information of more than 36,000 people in a February breach.

In a regulatory filing in Maine, Prudential’s law firm, Debevoise & Plimpton, said the insurer detected unauthorized access to its network on Feb. 5, according to a report by The Record.

“Through the investigation, we learned that the unauthorized third party gained access to our network on February 4, 2024, and removed a small percentage of personal information from our system,” the filing said.

According to Prudential, the names, addresses, and driver’s license or ID card numbers of 36,545 people were accessed. The company has notified law enforcement of the breach and hired an outside cybersecurity firm to assist in its response.

Victims of the breach will be given two years of identity protection services, The Record reported.

On Feb. 13, Prudential filed documents with the Securities and Exchange Commission stating that a cybercrime group had been able to access “administrative and user data from certain information technology systems” and “a small percentage” of user accounts associated with employees and contractors.

On Feb. 16, ransomware gang AlphV claimed responsibility for the attack. The gang is also responsible for a February attack against mortgage lender loanDepot, The Record reported.

Law enforcement agencies in the US, the UK and the European Union coordinated a takedown of AlphV’s website in December, but the ransomware group was quickly able to establish a new platform, according to The Record. The group was also allegedly tangentially involved in the recent Change Healthcare attack. That attack was carried out by a different ransomware group, and resulted in the payment of a $22 million ransom – which AlphV allegedly then stole from the other cybercrime group, The Record reported.

See also  How resilient are Australia's financial markets?

Last week, the State Department announced a reward of up to $10 million for information about the identity or location of AlphV members.

Have something to say about this story? Let us know in the comments below.

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!