/

Genworth Data Breach: What & How It Happened?

Genworth Data Breach: What & How It Happened?

Twingate Team

Jun 14, 2024

In May 2023, Genworth experienced a security incident involving a third-party vendor's software, which affected a significant amount of personal information. The incident was disclosed on May 31, 2023, and involved Genworth Financial, Inc. and its affiliated companies.

How many accounts were compromised?

The breach impacted data related to over 2.5 million customers, policyholders, and agents.

What data was leaked?

The data exposed in the breach included customers' names, dates of birth, Social Security numbers, policy numbers, and personal information of certain Genworth insurance agents.

How was Genworth hacked?

The ID breach occurred due to a security vulnerability in the MOVEit file transfer software used by PBI Research Services, a third-party vendor. Hackers exploited this vulnerability through a SQL injection, gaining unauthorized access to the database and potentially escalating privileges. The full extent of the impact on individuals whose data was compromised remains unclear.

Genworth's solution

In response to the hack, Genworth took several measures to address the security event and protect its customers. While there is no mention of removing malware or backdoors, the company ensured that the third-party vendor, PBI, promptly investigated the breach and confirmed the identities of all potentially affected individuals. PBI also notified federal law enforcement about the security event. To help impacted individuals, PBI offered 24 months of credit monitoring and identity restoration services through Kroll at no cost.

How do I know if I was affected?

Genworth reached out to affected users and provided them with support, such as credit monitoring and identity restoration services. If you believe you may have been affected by the Genworth breach but did not receive a notification, you can visit Have I Been Pwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for all accounts that may have been affected. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on your accounts whenever possible. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity. If you notice anything unusual, report it to the appropriate company or financial institution immediately.

For more specific help and instructions related to Genworth's data breach, please contact Genworth's support directly.

Where can I go to learn more?

For more information on the Genworth data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

Genworth Data Breach: What & How It Happened?

Genworth Data Breach: What & How It Happened?

Twingate Team

Jun 14, 2024

In May 2023, Genworth experienced a security incident involving a third-party vendor's software, which affected a significant amount of personal information. The incident was disclosed on May 31, 2023, and involved Genworth Financial, Inc. and its affiliated companies.

How many accounts were compromised?

The breach impacted data related to over 2.5 million customers, policyholders, and agents.

What data was leaked?

The data exposed in the breach included customers' names, dates of birth, Social Security numbers, policy numbers, and personal information of certain Genworth insurance agents.

How was Genworth hacked?

The ID breach occurred due to a security vulnerability in the MOVEit file transfer software used by PBI Research Services, a third-party vendor. Hackers exploited this vulnerability through a SQL injection, gaining unauthorized access to the database and potentially escalating privileges. The full extent of the impact on individuals whose data was compromised remains unclear.

Genworth's solution

In response to the hack, Genworth took several measures to address the security event and protect its customers. While there is no mention of removing malware or backdoors, the company ensured that the third-party vendor, PBI, promptly investigated the breach and confirmed the identities of all potentially affected individuals. PBI also notified federal law enforcement about the security event. To help impacted individuals, PBI offered 24 months of credit monitoring and identity restoration services through Kroll at no cost.

How do I know if I was affected?

Genworth reached out to affected users and provided them with support, such as credit monitoring and identity restoration services. If you believe you may have been affected by the Genworth breach but did not receive a notification, you can visit Have I Been Pwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for all accounts that may have been affected. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on your accounts whenever possible. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity. If you notice anything unusual, report it to the appropriate company or financial institution immediately.

For more specific help and instructions related to Genworth's data breach, please contact Genworth's support directly.

Where can I go to learn more?

For more information on the Genworth data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

Genworth Data Breach: What & How It Happened?

Twingate Team

Jun 14, 2024

In May 2023, Genworth experienced a security incident involving a third-party vendor's software, which affected a significant amount of personal information. The incident was disclosed on May 31, 2023, and involved Genworth Financial, Inc. and its affiliated companies.

How many accounts were compromised?

The breach impacted data related to over 2.5 million customers, policyholders, and agents.

What data was leaked?

The data exposed in the breach included customers' names, dates of birth, Social Security numbers, policy numbers, and personal information of certain Genworth insurance agents.

How was Genworth hacked?

The ID breach occurred due to a security vulnerability in the MOVEit file transfer software used by PBI Research Services, a third-party vendor. Hackers exploited this vulnerability through a SQL injection, gaining unauthorized access to the database and potentially escalating privileges. The full extent of the impact on individuals whose data was compromised remains unclear.

Genworth's solution

In response to the hack, Genworth took several measures to address the security event and protect its customers. While there is no mention of removing malware or backdoors, the company ensured that the third-party vendor, PBI, promptly investigated the breach and confirmed the identities of all potentially affected individuals. PBI also notified federal law enforcement about the security event. To help impacted individuals, PBI offered 24 months of credit monitoring and identity restoration services through Kroll at no cost.

How do I know if I was affected?

Genworth reached out to affected users and provided them with support, such as credit monitoring and identity restoration services. If you believe you may have been affected by the Genworth breach but did not receive a notification, you can visit Have I Been Pwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for all accounts that may have been affected. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on your accounts whenever possible. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity. If you notice anything unusual, report it to the appropriate company or financial institution immediately.

For more specific help and instructions related to Genworth's data breach, please contact Genworth's support directly.

Where can I go to learn more?

For more information on the Genworth data breach, check out the following news articles: