Hack Impacts Genworth Policyholders and 769K Retired California Workers: Personal information of 2.5 million Genworth Financial policyholders and 769,000 retired California employees and beneficiaries has been compromised in a hack.
A hack of the MOVEit file-transfer application has exposed the personal information of approximately 769,000 retired California employees and 2.5 million Genworth Financial policyholders. This breach, attributed to Russian cybercriminals, has affected a wide range of organizations globally.
Key Takeaways of Hack Impacts Genworth Policyholders and 769K Retired California Workers:
Table of Contents
- The personal information, including Social Security numbers, of 769,000 retired California employees and beneficiaries, as well as 2.5 million Genworth Financial policyholders, has been exposed in the MOVEit file-transfer application hack.
- The breach is attributed to Russian cybercriminals and has affected numerous organizations worldwide, including federal agencies, universities, and major corporations.
- The criminal group behind the hack, known as Cl0p, is engaging in extortion by threatening to release the stolen data unless a ransom is paid.
Personal information, including Social Security numbers, of approximately 769,000 retired California employees and other beneficiaries, as well as 2.5 million Genworth Financial policyholders, has been compromised in a security breach of the popular file-transfer application MOVEit.
The breach, attributed to Russian cybercriminals, has resulted in a significant data breach affecting multiple organizations globally.
Breach Impact on California Employees and Genworth Policyholders
The California Public Employees Retirement System, the country’s largest public pension fund, confirmed that the personal information of around 769,000 retired California employees and beneficiaries, including their Social Security numbers, was among the data stolen in the MOVEit file-transfer application breach.
The breach was facilitated by a third-party vendor responsible for verifying deaths. Additionally, the same vendor, PBI Research Services/Berwyn Group, experienced a data loss of personal information belonging to at least 2.5 million Genworth Financial policyholders, including Social Security numbers.
Offering Credit Monitoring and Protection
In response to the breach, the California Public Employees Retirement System announced that affected members would be provided with two years of free credit monitoring. Similarly, Genworth Financial stated that it would offer credit monitoring and identity theft protection to the impacted policyholders.
Scope of the Breach and Other Victims
The security breach of the MOVEit file-transfer program has had a global impact, compromising the data of numerous organizations. Cybersecurity experts estimate that hundreds of organizations have been affected.
Confirmed victims include federal agencies such as the U.S. Department of Energy, major corporations like Ernst & Young, British Airways, and the BBC, educational institutions such as Johns Hopkins University, and even millions of motorists in Oregon and Louisiana.
The Threat of Extortion by Cl0p Criminal Gang
The criminal gang responsible for the hack, known as Cl0p, is utilizing extortion tactics, threatening victims with the public release of their data if they fail to pay a ransom.
This adds further urgency to the situation and highlights the potential risks faced by the affected organizations.
Conclusion
The security breach of the MOVEit file-transfer application has led to the exposure of personal information belonging to 769,000 retired California employees and 2.5 million Genworth Financial policyholders.
The breach, attributed to Russian cybercriminals, has impacted numerous organizations worldwide, highlighting the vulnerability of supply-chain hacks. Immediate actions are being taken to mitigate the breach’s consequences, including offering credit monitoring and protection to affected individuals.
The incident underscores the critical importance of robust network security measures and the need for continuous vigilance in protecting sensitive data.
