/

Corebridge Data Breach: What & How It Happened?

Corebridge Data Breach: What & How It Happened?

Twingate Team

Jun 14, 2024

In July 2023, Corebridge Financial, a financial services company based in Houston, experienced a data breach involving unauthorized access to consumer information. The incident, linked to third-party software, affected a considerable number of individuals. Corebridge Financial, in collaboration with another entity, sent out notices to those impacted.

How many accounts were compromised?

The breach data impacted over 798, 000 account owners.

What data was leaked?

The data exposed in the breach included full names, Social Security numbers, policy/account numbers, dates of birth, and addresses.

How was Corebridge hacked?

Hackers exploited a zero-day vulnerability in the third-party software MOVEit Transfer, gaining unauthorized access to Corebridge Financial's servers and downloading sensitive data. A Russian-based cyber gang called Clop claimed responsibility for the breach, which targeted MOVEit transactions globally. The full extent of the breach's impact on Corebridge Financial remains unclear.

Corebridge's solution

In response to the hack, Corebridge Financial implemented enhanced security measures, although the specifics remain unclear. Affected individuals were advised to protect themselves from fraud or identity theft by changing passwords and PINs for personal accounts and signing up for credit monitoring services. It can be assumed that Corebridge Financial conducted a thorough investigation and addressed the situation, but details on the removal of malware and backdoors, the enhancement of security protocols, or collaboration with cybersecurity experts remain unclear.

How do I know if I was affected?

Corebridge Financial, along with Pension Benefit Information, LLC, sent out Notice of Data Breach letters to the affected individuals. If you believe you may have been affected but did not receive a notification, you can visit HaveIBeenPwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for all affected accounts. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on all affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report any unauthorized transactions to the appropriate financial institutions immediately.

For more specific help and instructions related to Corebridge's data breach, please contact Corebridge's support directly.

Where can I go to learn more?

If you want to find more information on the Corebridge data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

Corebridge Data Breach: What & How It Happened?

Corebridge Data Breach: What & How It Happened?

Twingate Team

Jun 14, 2024

In July 2023, Corebridge Financial, a financial services company based in Houston, experienced a data breach involving unauthorized access to consumer information. The incident, linked to third-party software, affected a considerable number of individuals. Corebridge Financial, in collaboration with another entity, sent out notices to those impacted.

How many accounts were compromised?

The breach data impacted over 798, 000 account owners.

What data was leaked?

The data exposed in the breach included full names, Social Security numbers, policy/account numbers, dates of birth, and addresses.

How was Corebridge hacked?

Hackers exploited a zero-day vulnerability in the third-party software MOVEit Transfer, gaining unauthorized access to Corebridge Financial's servers and downloading sensitive data. A Russian-based cyber gang called Clop claimed responsibility for the breach, which targeted MOVEit transactions globally. The full extent of the breach's impact on Corebridge Financial remains unclear.

Corebridge's solution

In response to the hack, Corebridge Financial implemented enhanced security measures, although the specifics remain unclear. Affected individuals were advised to protect themselves from fraud or identity theft by changing passwords and PINs for personal accounts and signing up for credit monitoring services. It can be assumed that Corebridge Financial conducted a thorough investigation and addressed the situation, but details on the removal of malware and backdoors, the enhancement of security protocols, or collaboration with cybersecurity experts remain unclear.

How do I know if I was affected?

Corebridge Financial, along with Pension Benefit Information, LLC, sent out Notice of Data Breach letters to the affected individuals. If you believe you may have been affected but did not receive a notification, you can visit HaveIBeenPwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for all affected accounts. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on all affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report any unauthorized transactions to the appropriate financial institutions immediately.

For more specific help and instructions related to Corebridge's data breach, please contact Corebridge's support directly.

Where can I go to learn more?

If you want to find more information on the Corebridge data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

Corebridge Data Breach: What & How It Happened?

Twingate Team

Jun 14, 2024

In July 2023, Corebridge Financial, a financial services company based in Houston, experienced a data breach involving unauthorized access to consumer information. The incident, linked to third-party software, affected a considerable number of individuals. Corebridge Financial, in collaboration with another entity, sent out notices to those impacted.

How many accounts were compromised?

The breach data impacted over 798, 000 account owners.

What data was leaked?

The data exposed in the breach included full names, Social Security numbers, policy/account numbers, dates of birth, and addresses.

How was Corebridge hacked?

Hackers exploited a zero-day vulnerability in the third-party software MOVEit Transfer, gaining unauthorized access to Corebridge Financial's servers and downloading sensitive data. A Russian-based cyber gang called Clop claimed responsibility for the breach, which targeted MOVEit transactions globally. The full extent of the breach's impact on Corebridge Financial remains unclear.

Corebridge's solution

In response to the hack, Corebridge Financial implemented enhanced security measures, although the specifics remain unclear. Affected individuals were advised to protect themselves from fraud or identity theft by changing passwords and PINs for personal accounts and signing up for credit monitoring services. It can be assumed that Corebridge Financial conducted a thorough investigation and addressed the situation, but details on the removal of malware and backdoors, the enhancement of security protocols, or collaboration with cybersecurity experts remain unclear.

How do I know if I was affected?

Corebridge Financial, along with Pension Benefit Information, LLC, sent out Notice of Data Breach letters to the affected individuals. If you believe you may have been affected but did not receive a notification, you can visit HaveIBeenPwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for all affected accounts. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on all affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report any unauthorized transactions to the appropriate financial institutions immediately.

For more specific help and instructions related to Corebridge's data breach, please contact Corebridge's support directly.

Where can I go to learn more?

If you want to find more information on the Corebridge data breach, check out the following news articles: