Massive Data Breach Hits 4.75 Million People
Our IT Services team recently discovered that PBI Research Services (PBI) experienced a significant data breach, affecting 4.75 million people. This breach occurred during the MOVEit Transfer data-theft attacks that began on May 27th, 2023. The Clop ransomware gang exploited a zero-day vulnerability in MOVEit Transfer to steal data from hundreds of companies. Since then, they have been extorting companies by slowly revealing affected organizations on their data leak site.
Millions of Customers Affected
Three PBI clients have disclosed the massive impact of this breach. However, the number of affected individuals might increase as more companies come forward. The first company affected was Genworth Financial, a Virginia-based life insurance services provider. Genworth estimates that between 2.5 and 2.7 million of its customers and insurance agents had their personal data stolen. Compromised information includes:
- Full name
- Date of birth
- Social security number
- Zip code
- State of residence
- Policy number
- Agent ID (for agents)
Genworth has clarified that its own systems and network were not impacted, and business operations continue as usual.
Other Companies Impacted
The second company affected by the breach is Wilton Reassurance, a New York-based insurance provider. They reported that 1,482,490 of their customers had data stolen, including names and social security numbers. Wilton Reassurance plans to offer 12 months of free identity theft protection and credit monitoring services through Kroll to impacted individuals.
CalPERS (California Public Employees’ Retirement System), the largest public pension fund in the US, is the third company impacted by the PBI data breach. They announced that approximately 769,000 of their members were affected, and they will provide notification letters with instructions on how to access two years of free credit monitoring service through Experian.
PBI’s Status with Clop Ransomware Gang
As of now, PBI Research Services has not been listed on Clop’s data leak site. This could mean that PBI is negotiating with the threat actors not to release data or that Clop has not yet started extorting the organization. We have reached out to PBI for comment on the situation, but they have not yet responded.
Update on PBI’s Response
A PBI spokesperson has since provided us with the following comment:
PBI Research Services uses Progress Software’s MOVEit file transfer application with a number of clients. At the end of May, Progress Software identified a zero-day vulnerability in the MOVEit software that was actively being exploited by cyber criminals.
PBI promptly patched its instance of MOVEit, assembled a team of cybersecurity and privacy specialists, notified federal law enforcement, and contacted potentially impacted clients.
The cyber criminals did not gain access to PBI’s other systems – access was only gained to the MOVEit administrative portal subject to the vulnerability.
PBI is working directly with impacted clients to identify impacted consumers and develop notice plans.
What Steps is Toyota Taking to Protect Customer Data After the Discovery of Vulnerable Servers?
Toyota discovers vulnerable servers exposing customer data and has taken swift action to protect its customers. The company is implementing enhanced security measures to prevent any unauthorized access to sensitive information. Toyota is prioritizing customer privacy by strengthening its data protection systems and regularly monitoring for potential vulnerabilities. These proactive steps ensure that customer data remains secure and instill confidence in Toyota’s commitment to safeguarding their personal information.
Don’t Let Your Business Be the Next Victim
This massive data breach is a stark reminder of how important cybersecurity is for businesses of all sizes. Cybercriminals are constantly seeking new ways to exploit vulnerabilities and steal sensitive data. Don’t let your business become their next target. Contact us to learn how ZZ Servers can help protect your company and customers from cyber threats.
