The long list of companies hit by the global MOVEit hack has grown further with the addition of insurance provider Genworth, whose millions of customers and agents combined are affected.
In a statement, Genworth said: “We were recently notified by PBI Research Services (PBI) that specific Genworth files containing customer and agent information were compromised due to a cyberattack that took advantage of a vulnerability in the widely used MOVEit file transfer software that PBI uses.”
PBI is a third-party vendor used by Genworth in scanning social security data to determine whether a policyholder may have passed and triggered death benefits under a life insurance policy or annuity contract. The company also helps Genworth in identifying deaths across other lines of insurance and insurance agents to whom commissions are paid.
“The [MOVEit security] event included personal information for approximately 2.5 million to 2.7 million individuals who are either customers or insurance agents,” revealed Genworth.
“The personal information accessed included life insurance, individual long-term care insurance, and annuity customers. We are working to understand what personal information related to our group long-term care products may have been affected.
“For policyholders, the exposed information includes social security number, name, date of birth, ZIP code, state of residence, and policy number. For agents, the exposed information includes the agent ID, name, date of birth, and full address.”
Genworth confirmed that the information of “a very significant portion” of its customers across long-term care insurance, life insurance, and annuities was exposed via PBI while Genworth’s own information systems were not impacted as the company does not use the compromised software.
Affected individuals, meanwhile, will receive credit monitoring services and identity theft protection, Genworth said.
What do you think about this story? Share your thoughts in the comments below.