Pension Benefit Information impacted by MOVEit vulnerability
Pension Benefit Information, LLC (PBI) reported a data breach, disclosing that unauthorized access to confidential consumer data occurred due to a vulnerability in the MOVEit file-transfer software used by PBI.
The data breach impacts 371,359 individuals and resulted in the exposure of sensitive information, including
PBI conducted an investigation, identified the affected individuals, and began sending data breach notification letters. The breach was attributed to vulnerabilities in the MOVEit software announced by Progress Software in May and June 2023.
PBI promptly applied patches and took mitigation measures following the discovery of the vulnerabilities. The unauthorized access to PBI's MOVEit server occurred on May 29-30, 2023, and compromised files containing confidential consumer information were removed.