After initially disclosing a data breach in February to the Securities and Exchange Commission that it said was not materially impacting, Prudential Financial has updated its notice with a revised total number of affected residents - a number staggeringly higher than anticipated.
More than 2.5 million individuals have been compromised by this data breach attack, rather than the 36,000 the insurance company originally said were affected.
The stolen information includes names, addresses, driver's license numbers, and identification card numbers.
The notice was filed with the Maine Attorney General's Office just last week by the larger Prudential Insurance Company of America.
Legal proceedings popped up after the discovery of the breach earlier this year, with plaintiff Constance Boyd leading a class action lawsuit against the company in a New Jersey court, arguing that it failed to safeguard its client's data, ultimately leading to the breach.
It's unclear how this lawsuit will be affected with the uptick in impacted individuals.
Prudential withheld any information on the threat actors, but the ALPHV/BlackCat ransomware group claimed responsibility for the hack after adding the company to its leak site.
As for recovery operations, the data breach notification says that the company will be providing 24 months of identity theft and credit monitoring services through Kroll, an independent financial and risk solutions company.
This Cyber News was published on www.darkreading.com. Publication date: Mon, 01 Jul 2024 19:15:07 +0000