Major U.S. life insurance provider Prudential Financial had data from more than 2.556 million individuals compromised in an early February systems breach claimed by the ALPHV/BlackCat ransomware operation, which has already shut down operations following the theft of ransom from an affiliate that targeted Change Healthcare, according to BleepingComputer.
Such a updated disclosure to the Office of the Maine Attorney General comes more than three months after Prudential initially reported the incident to impact personal data from more than 36,000 people, including their names, driver's license numbers, and other identification card numbers. No other information regarding the attackers was provided by Prudential except that they are no longer within the firm's systems.
Prudential previously had sensitive data from 320,000 customers — including names, birthdates, addresses, Social Security numbers, and phone numbers — exfiltrated following the hack of Pension Benefit Information due to the widespread Cl0p ransomware attack exploiting a MOVEit Transfer vulnerability.
