CalPERS Data Breach: What & How It Happened?
Twingate Team
•
Jun 14, 2024
In June 2023, the California Public Employees' Retirement System (CalPERS) experienced a data breach involving retiree information. The incident was related to an external vendor that provides certain services to CalPERS. In response, CalPERS has implemented measures to protect its members, including offering free credit monitoring and enhancing security protocols on its website.
How many accounts were compromised?
The breach impacted data related to approximately 769,000 individuals.
What data was leaked?
The data exposed in the breach included personal information such as names, dates of birth, and Social Security numbers.
How was CalPERS hacked?
The breach occurred due to a security vulnerability in a third-party vendor's software program, MOVEit file transfer, used by PBI Research Services to transfer files containing sensitive personal information. Attackers exploited this vulnerability to gain unauthorized access to the personal data of over a million retirees and beneficiaries, including names, dates of birth, and Social Security numbers.
CalPERS's solution
In response to the hack, CalPERS implemented several security measures to protect its members' benefits and prevent future incidents. These actions included introducing new protocols on the member benefits website, myCalPERS, and adding extra safeguards for those who use the member contact center and visit any CalPERS regional office. While specific details about the removal of malware, enhanced security protocols, and collaboration with cybersecurity experts remain unclear, CalPERS has taken steps to address the breach and ensure the safety of its members' information.
How do I know if I was affected?
CalPERS has not explicitly mentioned reaching out to affected users. However, if you are concerned about your personal information being compromised, you can visit Have I Been Pwned to check if your email address has been involved in any data breaches.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for all accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on all important online accounts to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your financial and personal accounts for any suspicious activity, and report any discrepancies immediately.
For more specific help and instructions related to the CalPERS data breach, please contact CalPERS support directly.
Where can I go to learn more?
If you want to find more information on the CalPERS data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
CalPERS Data Breach: What & How It Happened?
Twingate Team
•
Jun 14, 2024
In June 2023, the California Public Employees' Retirement System (CalPERS) experienced a data breach involving retiree information. The incident was related to an external vendor that provides certain services to CalPERS. In response, CalPERS has implemented measures to protect its members, including offering free credit monitoring and enhancing security protocols on its website.
How many accounts were compromised?
The breach impacted data related to approximately 769,000 individuals.
What data was leaked?
The data exposed in the breach included personal information such as names, dates of birth, and Social Security numbers.
How was CalPERS hacked?
The breach occurred due to a security vulnerability in a third-party vendor's software program, MOVEit file transfer, used by PBI Research Services to transfer files containing sensitive personal information. Attackers exploited this vulnerability to gain unauthorized access to the personal data of over a million retirees and beneficiaries, including names, dates of birth, and Social Security numbers.
CalPERS's solution
In response to the hack, CalPERS implemented several security measures to protect its members' benefits and prevent future incidents. These actions included introducing new protocols on the member benefits website, myCalPERS, and adding extra safeguards for those who use the member contact center and visit any CalPERS regional office. While specific details about the removal of malware, enhanced security protocols, and collaboration with cybersecurity experts remain unclear, CalPERS has taken steps to address the breach and ensure the safety of its members' information.
How do I know if I was affected?
CalPERS has not explicitly mentioned reaching out to affected users. However, if you are concerned about your personal information being compromised, you can visit Have I Been Pwned to check if your email address has been involved in any data breaches.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for all accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on all important online accounts to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your financial and personal accounts for any suspicious activity, and report any discrepancies immediately.
For more specific help and instructions related to the CalPERS data breach, please contact CalPERS support directly.
Where can I go to learn more?
If you want to find more information on the CalPERS data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
CalPERS Data Breach: What & How It Happened?
Twingate Team
•
Jun 14, 2024
In June 2023, the California Public Employees' Retirement System (CalPERS) experienced a data breach involving retiree information. The incident was related to an external vendor that provides certain services to CalPERS. In response, CalPERS has implemented measures to protect its members, including offering free credit monitoring and enhancing security protocols on its website.
How many accounts were compromised?
The breach impacted data related to approximately 769,000 individuals.
What data was leaked?
The data exposed in the breach included personal information such as names, dates of birth, and Social Security numbers.
How was CalPERS hacked?
The breach occurred due to a security vulnerability in a third-party vendor's software program, MOVEit file transfer, used by PBI Research Services to transfer files containing sensitive personal information. Attackers exploited this vulnerability to gain unauthorized access to the personal data of over a million retirees and beneficiaries, including names, dates of birth, and Social Security numbers.
CalPERS's solution
In response to the hack, CalPERS implemented several security measures to protect its members' benefits and prevent future incidents. These actions included introducing new protocols on the member benefits website, myCalPERS, and adding extra safeguards for those who use the member contact center and visit any CalPERS regional office. While specific details about the removal of malware, enhanced security protocols, and collaboration with cybersecurity experts remain unclear, CalPERS has taken steps to address the breach and ensure the safety of its members' information.
How do I know if I was affected?
CalPERS has not explicitly mentioned reaching out to affected users. However, if you are concerned about your personal information being compromised, you can visit Have I Been Pwned to check if your email address has been involved in any data breaches.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for all accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on all important online accounts to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your financial and personal accounts for any suspicious activity, and report any discrepancies immediately.
For more specific help and instructions related to the CalPERS data breach, please contact CalPERS support directly.
Where can I go to learn more?
If you want to find more information on the CalPERS data breach, check out the following news articles:
Solutions
Solutions
The VPN replacement your workforce will love.
Solutions