Prudential Financial Reveals Shocking 2.5 Million Affected by Data Breach

Imagine waking up to the news that your personal information has been compromised in a massive data breach. That’s precisely what happened to millions of Prudential Financial customers recently. Prudential Financial, a global financial services company, has revealed that over 2.5 million people had their personal information compromised in a February data breach.

According to an 8-K form filed with the U.S. Securities and Exchange Commission, Prudential detected the incident on February 5, just one day after the attackers (a suspected cybercrime group) breached its systems and accessed administrative/user data and employee/contractor accounts.

In March, the Fortune 500 company revealed in a filing with the Maine Attorney General’s Office that it notified over 36,000 people whose personal information (including names, driver’s license numbers, and non-driver identification card numbers) was stolen during the breach.

“Through the investigation, we learned that the unauthorized third party gained access to our network on February 4, 2024 and removed a small percentage of personal information from our systems,” Prudential said.

“As part of our response, we have worked with leading cybersecurity experts to confirm the unauthorized third party no longer has access to our company systems.”

However, last week, the company updated the information shared with the Maine Attorney General’s Office regarding the February data breach and now says that the incident impacted 2,556,210 people.

A Prudential Financial spokesperson has yet to reply to our request for more details regarding the attack.

Who’s Behind the Breach?

While Prudential has yet to share additional information regarding the threat actors behind the February 2024 data breach, the ALPHV/Blackcat ransomware gang claimed the attack on February 13.

ALPHV shut down its operations and pulled an exit scam after stealing the $22 million ransom from Notchy, the affiliate behind the Change Healthcare breach.

The FBI linked this ransomware gang to over 60 breaches worldwide during its first four months of activity and said that ALPHV raked in at least $300 million from over 1,000 victims until September 2023.

Prudential is the second-largest life insurance company in the United States, with 40,000 employees worldwide and reported revenues of over $50 billion in 2023.

In May 2023, the personal information of an additional 320,000 Prudential customers—including names, addresses, dates of birth, phone numbers, and Social Security numbers—was also exposed after the Clop cybercrime gang hacked into the MOVEit Transfer file-sharing platform of Pension Benefit Information (PBI), a third-party vendor handling the data.

What Can You Do to Protect Yourself?

As cybercriminals continue to find new ways to breach security systems, it’s essential for individuals and businesses to remain vigilant and take steps to protect their data. We encourage you to stay informed about cybersecurity best practices and keep an eye on your accounts for any suspicious activity.

At IT Services, we’re here to help. If you have any concerns about your cybersecurity or need assistance, don’t hesitate to reach out to us. We’re committed to keeping your information safe and secure in an increasingly digital world.