Pension Benefit Information impacted by MOVEit vulnerability

published: July 12, 2023

Learn More

Pension Benefit Information, LLC (PBI) reported a data breach, disclosing that unauthorized access to confidential consumer data occurred due to a vulnerability in the MOVEit file-transfer software used by PBI.

The data breach impacts 371,359 individuals and resulted in the exposure of sensitive information, including

  • names,
  • partial mailing addresses,
  • Social Security numbers,
  • dates of birth.

PBI conducted an investigation, identified the affected individuals, and began sending data breach notification letters. The breach was attributed to vulnerabilities in the MOVEit software announced by Progress Software in May and June 2023.

PBI promptly applied patches and took mitigation measures following the discovery of the vulnerabilities. The unauthorized access to PBI's MOVEit server occurred on May 29-30, 2023, and compromised files containing confidential consumer information were removed.

Pension Benefit Information impacted by MOVEit vulnerability