New York Life Data Stolen in MOVEit Breach

The third-party data breach may have exposed clients’ Social Security numbers, New York Life states
new york life
Image Credit: © Transversospinales | Dreamstime.com

New York Life Insurance Company customers are among the 40 million people exposed in the data breach involving the MOVEit file transfer program.

The group is the latest to join the lengthy roster of victims who had their personal information, including Social Security numbers, stolen during the now global cyberattack.

In a notice to the office of the Maine attorney general, New York Life says 25,685 of its customers were compromised during the hack between May 29 and May 30.

Like other companies, New York Life works with Pension Benefit Information (PBI), who utilizes MOVEit services from Progress Software Corporation (PSC) to transfer sensitive personal information. Officials are now pointing to a Russian group named Clop as the hackers who stole the data after discovering a security vulnerability in the transfer system.

As a result of the attack, New York Life is offering its clients 12 months of Kroll Identity Monitoring services, along with access to Kroll fraud specialists and licensed investigators. Other groups have offered between 12 to 24 months of identity theft protection for victims.

New York Life now joins over 600 affected institutions including the California Public Employees’ Retirement System (CalPERS), the Tennessee Consolidated Retirement System (TCRS) and TIAA, all whom were impacted by the widespread breach in May.

Litigation following the cyberattack

Nearly three months since the incident, victims are now filing lawsuits against corporations for exposing them to the MOVEit software breach. A former TIAA employee filed a class-action lawsuit against the organization earlier this month, accusing the organization of unproperly securing and safeguarding his personally identifiable information (PII).

Just this week, consumer-rights law firm Hagens Berman filed five nationwide class-action lawsuits against PSC, claiming the organization compromised the sensitive personal information, including medical records, banking information, Social Security numbers, and more, of tens of millions of people.

SEE ALSO:

Amanda Umpierrez
+ posts

Amanda Umpierrez is the Managing Editor of 401(k) Specialist magazine. She is a financial services reporter with over six years of experience and a passion for telling stories and reporting news. Amanda received her degree in journalism and government and politics at St. John’s University. She is originally from Queens, New York, but now resides in Denver, Colorado with her partner. In her free time, Amanda enjoys running, cooking, and watching the latest drama show.

Related Posts
5 for 2025
Read More

5 for 25

Don Trone says ‘B’ all you can be in 2025 when it comes to improving retirement outcomes
Total
0
Share