Corebridge Financial Data Breach: What & How It Happened?
Twingate Team
•
Jun 14, 2024
In June 2023, Corebridge Financial experienced a data breach linked to a vulnerability in third-party software. This incident resulted in unauthorized access to sensitive customer information, impacting numerous clients. Corebridge Financial, previously part of a larger organization, offers a range of services including insurance, asset management, and retirement solutions.
How many accounts were compromised?
The data breach impacted over 100,000 accounts.
What data was leaked?
The data exposed in the breach included full names, Social Security numbers, policy/account numbers, dates of birth, and addresses.
How was Corebridge Financial hacked?
Attackers exploited a zero-day vulnerability in the third-party software MOVEit Transfer, gaining unauthorized access to Corebridge's servers and downloading sensitive data. The breach was carried out by a Russian-based cyber gang called Clop, who claimed to have accessed MOVEit transactions worldwide. The extent of the breach remains unclear, as it is unknown if any ransoms were paid.
Corebridge Financial's solution
In response to the hack, Corebridge Financial initiated an investigation and sent out data breach letters to affected individuals. While specific enhanced security measures were not detailed, the company is known to protect customers' sensitive information through advanced technology, administrative and security safeguards, such as secure login, encryption, monitoring, firewalls, and antivirus and anti-malware protection. Affected individuals were encouraged to seek legal assistance to understand their rights and options following the breach.
How do I know if I was affected?
Corebridge Financial has notified customers believed to be affected by the breach. If you're a Corebridge Financial customer and haven't received a notification, you may visit HaveIBeenPwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for all affected accounts. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on all affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
For more specific help and instructions related to Corebridge Financial's data breach, please contact Corebridge Financial's support directly.
Where can I go to learn more?
If you want to find more information on the Corebridge Financial data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
Corebridge Financial Data Breach: What & How It Happened?
Twingate Team
•
Jun 14, 2024
In June 2023, Corebridge Financial experienced a data breach linked to a vulnerability in third-party software. This incident resulted in unauthorized access to sensitive customer information, impacting numerous clients. Corebridge Financial, previously part of a larger organization, offers a range of services including insurance, asset management, and retirement solutions.
How many accounts were compromised?
The data breach impacted over 100,000 accounts.
What data was leaked?
The data exposed in the breach included full names, Social Security numbers, policy/account numbers, dates of birth, and addresses.
How was Corebridge Financial hacked?
Attackers exploited a zero-day vulnerability in the third-party software MOVEit Transfer, gaining unauthorized access to Corebridge's servers and downloading sensitive data. The breach was carried out by a Russian-based cyber gang called Clop, who claimed to have accessed MOVEit transactions worldwide. The extent of the breach remains unclear, as it is unknown if any ransoms were paid.
Corebridge Financial's solution
In response to the hack, Corebridge Financial initiated an investigation and sent out data breach letters to affected individuals. While specific enhanced security measures were not detailed, the company is known to protect customers' sensitive information through advanced technology, administrative and security safeguards, such as secure login, encryption, monitoring, firewalls, and antivirus and anti-malware protection. Affected individuals were encouraged to seek legal assistance to understand their rights and options following the breach.
How do I know if I was affected?
Corebridge Financial has notified customers believed to be affected by the breach. If you're a Corebridge Financial customer and haven't received a notification, you may visit HaveIBeenPwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for all affected accounts. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on all affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
For more specific help and instructions related to Corebridge Financial's data breach, please contact Corebridge Financial's support directly.
Where can I go to learn more?
If you want to find more information on the Corebridge Financial data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
Corebridge Financial Data Breach: What & How It Happened?
Twingate Team
•
Jun 14, 2024
In June 2023, Corebridge Financial experienced a data breach linked to a vulnerability in third-party software. This incident resulted in unauthorized access to sensitive customer information, impacting numerous clients. Corebridge Financial, previously part of a larger organization, offers a range of services including insurance, asset management, and retirement solutions.
How many accounts were compromised?
The data breach impacted over 100,000 accounts.
What data was leaked?
The data exposed in the breach included full names, Social Security numbers, policy/account numbers, dates of birth, and addresses.
How was Corebridge Financial hacked?
Attackers exploited a zero-day vulnerability in the third-party software MOVEit Transfer, gaining unauthorized access to Corebridge's servers and downloading sensitive data. The breach was carried out by a Russian-based cyber gang called Clop, who claimed to have accessed MOVEit transactions worldwide. The extent of the breach remains unclear, as it is unknown if any ransoms were paid.
Corebridge Financial's solution
In response to the hack, Corebridge Financial initiated an investigation and sent out data breach letters to affected individuals. While specific enhanced security measures were not detailed, the company is known to protect customers' sensitive information through advanced technology, administrative and security safeguards, such as secure login, encryption, monitoring, firewalls, and antivirus and anti-malware protection. Affected individuals were encouraged to seek legal assistance to understand their rights and options following the breach.
How do I know if I was affected?
Corebridge Financial has notified customers believed to be affected by the breach. If you're a Corebridge Financial customer and haven't received a notification, you may visit HaveIBeenPwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for all affected accounts. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on all affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
For more specific help and instructions related to Corebridge Financial's data breach, please contact Corebridge Financial's support directly.
Where can I go to learn more?
If you want to find more information on the Corebridge Financial data breach, check out the following news articles:
Solutions
Solutions
The VPN replacement your workforce will love.
Solutions