Data Breaches

PBI Data Breach 2023: What Happened, Who Was Affected, and Steps to Protect Yourself

November 1, 2023
3 min

Of the recent cybersecurity incidents, the PBI data breach stands out due to its widespread ramifications. Let's dive deep into what occurred, implications, and how individuals can safeguard themselves against future, similar incidents.

Details of the PBI Data Breach

On August 25, 2023 Pension Benefit Information LLC (PBI) indicated that consumer data had been breached as a result of a cyberattack on a third-party contractor called MOVEit.

MOVEit, a renowned file transfer software solution, became the unintentional gateway for hackers during this breach. PBI is a third-party vendor used by insurance agencies and financial institutions at a global level to verify information about beneficiaries.

The PBI data breach was the result of a larger leak caused when hackers targeted MOVEit. 

Extent and Impact of the PBI Data Breach on Consumers

Due to the widespread use of PBI, it is estimated that millions of people were impacted by the data breach. Industries that reported data leaks include (but are not limited to): Motor vehicle agencies, insurance providers, educational institutions, and retirement management companies.

Anyone who is currently paying into or receiving pension benefits or who has worked with an agency to procure insurance should check to make sure that their data was not compromised. While there is no exhaustive list of every party impacted (yet), PBI contracts with thousands of companies worldwide - increasing the number of consumers impacted.

What Personal Data Was Leaked and Exposed in the Breach?

The data that was reportedly leaked includes, but may not be limited to:

  • Names
  • Addresses
  • Social security numbers

The compromised data is particularly sensitive as it comprised personal identifiers like names and addresses, but more alarmingly, also included Social Security numbers. Such information can be misused for identity theft, financial fraud, and other malicious activities.

Here’s What to Do if You Were Impacted

It's essential to act swiftly if you believe your data might have been compromised. Prompt action can mitigate potential harms and secure your information.

Once you receive confirmation that your personal information may have been a part of the PBI data breach, there are several steps you should take immediately:

  • Set up some sort of credit monitoring to check for identity theft and potential fraud
  • Ask if there are additional resources being provided by your state, agency, or institution to help offset the risk
  • Change all passwords and credentials related to the affected accounts 
  • Freeze your credit if you notice any suspicious activity to prevent further damage
  • Stay in contact with the relevant agencies to stay informed of what’s going on and of any additional measures you need to take to protect yourself

In an increasingly digital world, data breaches like the PBI incident remind us of the vulnerabilities that exist. Staying informed, vigilant, and proactive in safeguarding personal data is more crucial than ever. As consumers, it's essential to understand the digital landscape's risks and equip ourselves with knowledge and resources.

One of the best ways to limit your personal data breach risk is to share as little personally identifiable information as possible. Create unique identities for every new account or connect using Cloaked, and control what you share and who you share it with. Click here to get started now.

Helpful Links and Other Resources

To report identity theft:

To freeze your credit:

Current information on the PBI data breach:

Information on how to protect your data:

View all