On August 25, 2023, Pension Benefit Information, LLC (“PBI”) filed a notice with the Attorney General of Maine on behalf of Standard Insurance Company (“The Standard”) after learning about a MOVEit data breach affecting The Standard customers. In this notice, PBI explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, dates of birth and Social Security numbers. After completing an investigation, PBI began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you received a data breach notification from Pension Benefit Information discussing information you provided to Standard Insurance Company, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the PBI / Standard Insurance Company data breach. For more information, please see our recent piece on the topic here.
The PBI / Standard Insurance Company data breach was only recently announced, and more information is expected in the near future. However, The Standard’s filing with the Attorney General of Maine provides some important information on what led up to the breach. According to this source, PBI provides audit and address research services for insurance companies, pension funds, and other organizations, including Transaction Applications Group, Inc., a licensed third-party administrator of Accident Insurance offered by Standard Insurance Company and The Standard Life Insurance Company of New York. In the normal course of business, PBI uses a file-transfer application called MOVEit, which is created by Progress Software.
On May 31, 2023, Progress Software announced a previously unknown vulnerability within MOVEit. This vulnerability allowed hackers to access the MOVEit servers of businesses, as well as the information stored therein.
Upon learning of the MOVEit vulnerability, PBI launched an investigation. Through this investigation, PBI learned that an unauthorized party accessed the company’s MOVEit server between May 29, 2023 and May 30, 2023, and downloaded certain data.
After learning that sensitive consumer data was accessible to an unauthorized party, PBI reviewed the compromised files to determine what information was leaked and which consumers were impacted. It was determined that the breach affected certain customers of The Standard. While the breached information varies depending on the individual, it may include your name, dates of birth and Social Security number.
On August 25, 2023, PBI sent out data breach letters on behalf of The Standard to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised. Note this incident did not affect The Standard's computer system, and any leaked info was accessed through PBI’s MOVEit server.
Founded in 1998, Standard Insurance Company is a holding company based in Portland, Oregon. The Standard serves as a holding company for businesses that provide insurance, retirement and investment products and services. The Standard Insurance Company employs more than 3,585 people and generates approximately $972 million in annual revenue.
ncG1vNJzZmivp6x7q7DSrqermV6YvK57y56emqSemsS0e8yorZ6hpGKxosDAZpmrnZGYtW6t02anm6FdlrOnscKtqmanppq%2Fbn2WbnBub2Fk