HQ/EMEAFind out how we can help your business
The multinational financial services corporation Prudential Financial revealed that the data breach incident last February that compromised its systems had impacted the personal data of about 2.5 million individuals.
In its recent filing to the Securities and Exchange Commission (SEC) earlier this year, this financial institution reported that a suspected cybercrime organisation breached its networks and gained access to administrative/user data and employee/contractor accounts.
The following month, the business disclosed in a filing with the Maine Attorney General’s Office that it had alerted over 36,000 people whose personal information had been stolen during the incident. The stolen data contained various details, including names, driver’s license numbers, and non-driver identity card numbers.
The initial investigation revealed that an unauthorised third party accessed Prudential’s network on February 4, 2024, and stole a tiny amount of personal information from its systems. As part of the company’s immediate reaction, it collaborated with a third-party security provider to ensure the unauthorised third party no longer has access to its systems.
However, this week, the firm revised the initial statement it submitted to the Maine Attorney General’s Office regarding the February data breach. The revised report stated that the incident affected approximately 2,556,210 people.
The BlackCat ransomware group claimed responsibility for the Prudential Financial attack.
Prudential Financial has yet to reveal information about the attackers that compromised its network, but the notorious BlackCat ransomware group claimed responsibility for the breach on February 13.
However, BlackCat recently shut down its activities and pulled an exit fraud after taking the $22 million ransom from Notchy, the affiliate responsible for the Change Healthcare breach.
Federal law enforcement agencies linked this ransomware group to more than 60 data breaches globally within its first four months of operation and claimed that ALPHV collected at least $300 million from over 1,000 victims by September last year.
This affected company is one of the biggest life insurance firms in the United States, and it is home to about 40,000 employees globally.
Still, authorities advise potentially affected individuals not to be careless with their digital presence despite BlackCat’s recent shutdown, as these attackers could use the stolen information to execute other malicious operations.
