Never give out personal contact info again
Comprehensive Identity Theft Insurance
Secure and protect your family’s data
Save and store your online accounts
Remove personal info from 120+ data brokers
Ensure your true identity is protected from AI
Save additional details with confidence
© Cloaked. 2024
Of recent cybersecurity incidents, the Pension Benefit Information LLC (PBI) data breach was one of the most serious, due to the protected information that was seized.
What went wrong in the PBI database? Why was such a large company unable to protect its client base’s sensitive information? And what was the fallout?
Let's dive deep into what occurred, what the implications are, and how you can safeguard your personal information against similar incidents in the future.
The PBI data breach involves a lot of moving parts.
PBI is a third-party vendor that provides data verification services for insurance agencies, financial institutions, and other organizations. Its primary role is to hold and update data so its collaborators can manage pension and insurance policies while reducing fraud and making sure benefits are correctly distributed. A lot of this information is highly sensitive, involving names, addresses, dates of birth, and social security numbers.
The main takeaway here is that PBI holds a lot of sensitive data for many different companies, making it a prime target for a group like the Clop ransomware gang. Clop’s wider target was Progress Software’s MOVEit Transfer file-sharing solution, meaning PBI was just one of many companies affected.
Traditionally, hackers would steal data, and then extort money from businesses to keep these embarrassing data breaches quiet. However, a recent Coveware report suggested that in 2023, only 34% of victims paid. Instead, they would simply report the leak and suggest how to mitigate the outcomes.
Therefore, hackers changed tactics, targeting a vast amount of companies at the same time, i.e. users of MOVEit. As long as a few victims pay up to the high demands, it’s worthwhile for the hackers.
May 27, 2023 — The Clop ransomware gang begins attacking a zero-day vulnerability (a previously unknown security flaw) in third-party MOVEit, which PBI was using for file transfer. Both PBI and MOVEit were utterly blindsided by the event.
June 2, 2023 — PBI becomes aware of the compromise, patches the gap, and launches an internal PBI data breach investigation.
June 4, 2023 — PBI starts sending notifications to affected individuals, offering 12 or 24 months of free credit monitoring and identity theft protection services.
Yes, PBI immediately launched an investigation into the attack, supported by a team of cybersecurity and privacy experts. This investigation identified that the breach only affected clients whose data was transferred using the MOVEit portal, and the ransomware gang did not gain access to PBI’s systems.
PBI’s collaborating companies also launched their own investigations. For example, Milliman Solutions alerted the HHS Office for Civil Rights and the Attorney General of Maine.
The PBI data breach was primarily an attack on MOVEit, an app used by federal and state governments, universities, healthcare organizations, and corporations worldwide.
It’s difficult to put a number on the amount of people affected, due to PBI playing a role in the workflows of such a great number of companies. However, the company announced in mid-July 2023 that it was up to over 1.2 million people.
Subsequent announcements from companies PBI works with have pushed that number to at least ten times higher. For example, 2.5 to 2.7 million Genworth Financial clients and almost 1.5 million Wilton Reassurance customers were hit.
It was well worth it for the hackers themselves, however, who earned an expected $75 million to $100 million by extorting the victims of their attack.
There is no exhaustive list of every party impacted yet. PBI has contracts with thousands of companies worldwide, increasing the number of consumers affected. Some of the organizations include:
Anyone who is currently paying into or receiving pension benefits or who has worked with an agency to procure insurance should check to make sure that their data was not compromised.
The personal data that was reportedly leaked in the breach includes, but isn’t limited to:
The compromised data is particularly sensitive since it comprised personal identifiers like names and addresses, but more alarmingly, also included social security numbers. Such information can be misused for identity theft, financial fraud, and other malicious activities.
PBI claims to have contacted all impacted clients directly. If you haven’t been contacted, it is unlikely that you are a victim.
To make sure, head to Have I Been Breached to see if your email address or phone number was involved in the PBI data breach or any others.
You need to act swiftly if you believe your data might have been compromised. Prompt action can mitigate potential harm and secure your information.
Once you receive confirmation that your personal information may have been a part of the PBI data breach, there are several steps you should take immediately:
Set up credit monitoring to check for identity theft and potential fraud. You can either manually monitor your information or use a credit monitoring tool to scan your accounts for any unusual spending or behavior.
You can also actively scan and remove personal information from the web. Enter your phone number, Cloaked’s risk assessment scan will determine your level of risk, before deleting any occurrences in 120+ data brokers and websites. This helps to make you less vulnerable to fraud, scams, and phishing attempts.
The PBI data breach is a wake-up call to millions that they need to keep themselves safe online. Changing your password to affected accounts is the quickest and easiest way to do that. Mix uppercase and lowercase letters, numbers, and special characters to repel hackers.
Reusing the same password is unsafe—no matter how strong it is. If a cybercriminal gets their hands on it through a breach like PBI’s, they could waltz into all your accounts.
Remembering numerous passwords can be challenging, which is why many people turn to reliable password managers. While Google Password Manager is convenient and integrated with Chrome, it can be a prime target for hackers and has limited security features compared to more advanced options.
Advanced password managers like Cloaked can generate complex passwords effortlessly and secure them with encrypted, password-protected links and one-time passcodes.
Cloaked’s password manager enhances your online security by masking your identity and offering two-factor authentication to protect against unauthorized access.
Seek additional resources provided by your state, agency, or institution to help offset the risk.
Stay in contact with your most trusted agencies to stay informed of what’s going on and of any additional measures you need to take to protect yourself.
For example, the Virginia Retirement System, Central States Pension Fund, and the Tennessee State Employers Association all provide updates to their clients and members.
Several class-action lawsuits have been filed against PBI in response to the data breach. The lawsuits allege negligence in data security measures and seek compensation for damages incurred by the affected individuals.
PBI data breach compensation claims typically include costs for identity theft protection, reimbursement for financial losses, and damages for emotional distress. Although data leaked in the PBI case didn’t necessarily include personal health information (PHI), it could have been in the same data set as PHI, so it qualifies as a HIPAA data breach.
Corporations such as The Lyon Firm are running legal proceedings on behalf of plaintiffs nationwide. Affected individuals are encouraged to join the class-action suits if they have experienced significant impacts due to the breach.
As online identity protection becomes crucial, Cloaked offers a comprehensive solution to keep you safe:
Find out more about how Cloaked works.
The PBI data breach has raised many questions, concerns, and suspicions among those affected. This FAQ section aims to provide clear and concise answers to some of the most pressing inquiries.
There is indeed a legitimate PBI data breach that the company claims it has sent out to all affected clients. These letters inform recipients about the incident, the type of data that was potentially exposed, and the steps they should take to protect themselves. If you receive such a letter, follow the recommended actions, such as monitoring your financial accounts and changing your passwords.
That said, it’s good to be suspicious of letters designed to shock you into action, especially when you don’t recognize the sender and they ask you to provide sensitive information to sign up for a new service. To give you more confidence, you can find an image featuring a template of the PBI data breach letter below.
Yes, there was a significant data breach involving PBI. Hackers exploited a vulnerability in MOVEit, a file transfer software that PBI and many other organizations were using. The attack exposed sensitive personal information, including the names, addresses, dates of birth, and social security numbers of millions of individuals.
Resulting investigations led to heightened security measures to prevent similar incidents in the future.
PBI, or Pension Benefit Information LLC, is a legitimate company. It is a reputable third-party vendor that provides data verification services for insurance agencies, financial institutions, and other organizations. PBI verifies beneficiary information and ensures the accuracy of records held by these institutions.
Despite the recent data breach, PBI continues to operate as a trusted entity in the financial and insurance sectors and is working to enhance its security measures and protect the data it manages.
In an increasingly digital world, data breaches like the PBI incident remind us of the vulnerabilities that exist. Staying informed, vigilant, and proactive in safeguarding personal data is more crucial than ever. As consumers, it's essential to understand the digital landscape's risks and equip ourselves with knowledge and resources.
One of the best ways to limit your personal data breach risk is to share as little personally identifiable information as possible. Create unique identities for every new account or connect using Cloaked, and control what you share and who you share it with.
Start protecting yourself online today.
To report identity theft: https://www.ftc.gov/news-events/topics/identity-theft/report-identity-theft
To freeze your credit: https://www.usa.gov/credit-freeze
Current information on the PBI data breach: https://www.pbinfo.com/the-moveit-cyberattack-what-happened-pbis-response-whats-next
Information on how to protect your data:
https://www.cloaked.app/post/how-do-i-limit-the-data-i-share-online
https://www.cloaked.app/post/data-collection-red-flags-what-to-look-for-in-privacy-policies
.png)
