Finance & Banking , Fraud Management & Cybercrime , Incident & Breach Response

Millions Affected by Prudential Ransomware Hack in February

Insurance Giant Says Hackers Stole Data of 2.5 Million Individuals
Millions Affected by Prudential Ransomware Hack in February
Prudential Financial's updated tally of individuals affected by a February ransomware attack now stands at 2.5 million.

A February ransomware attack against Prudential Financial affected 2.5 million customers, the financial giant disclosed after initially characterizing the incident as minor.

See Also: The Expert Guide to Mitigating Ransomware & Extortion Attacks

The New Jersey insurance provider - it manages $1.496 trillion in assets - in February told federal regulators that hackers stole "limited data" including client data and personal identifiable information. In March it began notifying 36,545 individuals that hackers stole driver's license numbers.

In an updated notification total, the insurer now said the names of 2,556,210 individuals were stolen, in combination with additional, unspecified data.

In an emailed statement, Prudential said the tally shouldn't increase a second time. "Prudential worked diligently to complete a complex analysis of the affected data and notify individuals, as appropriate, on a rolling basis starting on March 29, 2024. Prudential's notifications are substantially complete at this time," a spokesperson said.

Russian-speaking ransomware-as-a-service group Alphv claimed responsibility for the attack. The group, also known as Black Cat, apparently shut down in March after receiving a $22 million extortion payment from Optum's Change Healthcare medical billing middleman unit (see: BlackCat Ransomware Group 'Seizure' Appears to Be Exit Scam).

Analysis by the FBI in 2023 shows the group began focusing on the healthcare sector in December 2023. Suspected of being a successor to DarkSide and BlackMatter, with ties to former REvil members, the group has used the Emotet botnet to distribute ransomware. The March notification from Prudential says the breach was caused by social engineering. A noted Alphv affiliate tracked as Scattered Spider, Octo Tempest and UNC3944 has, in particular, used effective social engineering techniques thanks to its members' ability to speak American English (see: Spanish Police Bust Alleged Leader of Scattered Spider).


About the Author

David Perera

David Perera

Editorial Director, News, ISMG

Perera is editorial director for news at Information Security Media Group. He previously covered privacy and data security for outlets including MLex and Politico.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.