MOVEit Transfer Cyberattack Affects 1.2M as a Result of Pension Benefit Information (PBI) -

Post Views: 228

Due to the current spate of MOVEit Transfer hacks, Pension Benefit Information, an analysis service that tracks down benefit plan recipients and performs death audits, experienced a data leak.

A breach of data at Pension Benefit Information (PBI) resulting from massive cyberattacks launched in opposition to the Progress program’s MOVEit Transfer program affected 1.2 million+ individuals. The incident is now among the ten worst breaches to have been notified to HHS in 2023.

PBI is an investigation company that offers a range of pension plan administration services, such as participant search, death audit, and uncashed check services. According to the organization’s website, its clientele includes sizable pension plans, insurance firms, banking institutions, and third-party administrators.

As previously mentioned, a serious cybersecurity flaw that gave unauthorized actors the ability to access MOVEit databases had an effect on hundreds of enterprises. This vulnerability attracted the attention of the Clop ransomware, which took credit for numerous attacks.

The recent MOVEit hack, which occurred in late May, affected numerous other institutions, notably the federal government, state governments, universities, healthcare groups, and corporations all across the world, according to PBI Research Services.

“PBI Research Services employs MOVEit, a file transfer program from Progress Software, with certain of our clientele. At the very end of May, the Progress program discovered a cyberattack in their MOVEit program that did affect a tiny portion of our clients that utilized the MOVEit administrative portal software and resulted in access to personal information. No one from this incident was able to access PBI’s main systems or software.

The intrusion had no effect on PBI’s systems beyond the confined MOVEit Transfer server. In case clients were apprehensive about using the MOVEit program, PBI informed them that it would offer other data transfer methods.

PBI advised individuals in its notification that it was “unable to verify whether your private details were impacted” but urged anyone who might be affected to take precautions to secure their data. The specific data pieces which might have been compromised were not mentioned in the public warning.

Phoenician Medical Center Suffers Data Breach

A breach affecting 162,500 people was reported to HHS by Phoenician Medical Center (PMC), a unified care system that encompasses the Phoenix Valley area of Arizona.

On March 31, 2023, PMC and its connected businesses, Phoenix Neurological & Pain Institute, and Laser Surgery Center, were made aware of a data security problem that had affected the performance of its IT systems. Following the containment of the event, PMC discovered that certain documents on its systems had been accessed or obtained by an unauthorized entity.

Patients treated between 2016 and 2023 have names, contact information, demographic data, information about their treatments and prescriptions, medical record numbers, provider names, dates of services, and information about their health insurance.

PMC advised anyone who was affected to check their bank accounts for any services that they didn’t use and to be on the lookout for fraud.

About The Author:

Yogesh Naager is a content marketer that specializes in the cybersecurity and B2B space. Besides writing for the News4Hackers blog, he’s also written for brands including CollegeDunia, Utsav Fashion, and NASSCOM. Naager entered the field of content in an unusual way. He began his career as an insurance sales executive, where he developed an interest in simplifying difficult concepts. He also combines this interest with a love of narrative, which makes him a good writer in the cybersecurity field. In the bottom line, he frequently writes for Craw Security.