- Upgrade to Microsoft Office Pro and Windows 11 Pro with this bundle for 87% off
- Get 3 months of Xbox Game Pass Ultimate for 28% off
- Buy a Microsoft Project Pro or Microsoft Visio Pro license for just $18 with this deal
- How I optimized the cheapest 98-inch TV available to look and sound incredible (and it's $1,000 off)
- The best blood pressure watches of 2024
Prudential Financial Notifies 36,000 Individuals of Data Breach
Prudential Financial last Friday commenced the process of informing over 36,000 individuals about a data breach that occurred in early February 2024.
The breach, initially disclosed through a regulatory filing with the SEC in February, occurred on February 4 and was reportedly identified the following day.
At that time, Prudential disclosed that the attackers gained access to systems containing company administrative and user data, as well as employee and contractor accounts.
A week later, the Alphv/BlackCat ransomware group took responsibility for the attack and listed Prudential on its Tor-based leak site. This group was also behind a significant outage in the US health system last month after targeting Change Healthcare systems and services.
Read more on those events: Prudential Financial Faces Cybersecurity Breach
According to a filing with the Maine Attorney General’s Office published on March 29, Prudential has now confirmed that the hackers compromised the personal information of 36,545 individuals.
“Through the investigation, we learned that the unauthorized third party gained access to our network on February 4, 2024, and removed a small percentage of personal information from our systems,” reads the filing.
“Companies are always likely to remain wary of really rapid disclosure, given the financial impact these things can have on them, and use all the ‘tricks’ they can to delay,” commented Nick France, chief technology officer at Sectigo.
“Ultimately, I believe that the new SEC regulations should make these processes work faster; however, given the wording of the regulation and the fact that it only came into effect at the very end of 2023, it may take some time before we see disclosures happening at the 4-day pace.”
The individuals affected by the Prudential breach are being notified of the incident through written notifications. Among the compromised data are names or other personal identifiers in combination with driver’s license numbers or non-driver identification card numbers.
Image credit: rafapress / Shutterstock.com