Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Prudential Financial Data Breach Impacts 36,000

Prudential Financial says the names, addresses, and ID numbers of over 36,000 were stolen in a February data breach.

Insurance giant Prudential Financial has started notifying more than 36,000 individuals that their personal information was compromised in a data breach in early February 2024.

Initially disclosed in mid-February in a regulatory filing with the US Securities and Exchange Commission, the incident occurred on February 4 and was identified one day later.

At the time, Prudential said that the attackers accessed systems containing company administrative and user data, as well as employee and contractor accounts.

One week later, the Alphv/BlackCat ransomware group claimed responsibility for the attack, listing Prudential on its Tor-based leak site. The threat actor is also responsible for the major US health system outage last month, after disrupting Change Healthcare systems and services.

In a filing with the Maine Attorney General’s Office on Thursday, just before the Easter holiday, Prudential revealed that the hackers had stolen the information of more than 36,000 individuals, to whom it is sending written notifications about the incident.

The data breach notification was filed for Prudential Insurance Company of America, the Prudential Financial company that issues insurance products.

In its notification letter, Prudential says that it activated its incident response plan immediately after identifying the breach and that it engaged external cybersecurity experts to help with the investigation into the matter.

“Through the investigation, we learned that the unauthorized third party gained access to our network on February 4, 2024 and removed a small percentage of personal information from our systems,” Prudential says.

Advertisement. Scroll to continue reading.

Pertaining to the impacted individuals’ Prudential products and services, the stolen personal information includes names, addresses, driver’s license numbers, and non-driver identification card numbers.

The company says it has confirmed that the attackers no longer have access to its systems, and claims to have implemented additional security measures, including improved access controls, additional monitoring capabilities, and stronger authentication protocols.

Although it says that it is not aware of identity theft or fraud related to the stolen information, Prudential is providing the affected individuals with two years of complimentary credit monitoring services.

Related: US Offering $10 Million Reward for Information on Change Healthcare Hackers

Related: Fidelity Investments Life Insurance Company Discloses Data Breach

Related: 1.5 Million Affected by Data Breach at Insurance Broker Keenan & Associates

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Professional services company Slalom has appointed Christopher Burger as its first CISO.

Allied Universal announced that Deanna Steele has joined the company as CIO for North America.

Former DoD CISO Jack Wilmer has been named CEO of defensive and offensive cyber solutions provider SIXGEN.

More People On The Move

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Ransomware

A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Data Breaches

Delta Dental of California says over 6.9 million individuals were impacted by a data breach caused by the MOVEit hack.