Willis Towers Watson reports Data Breach via Pension Benefits MOVEit incident

Willis Towers Watson US LLC ("WTW") reports a data breach of their vendor Pension Benefits Information ("PBI") which affected confidential information provided to WTW.

The breach resulted in unauthorized access to consumers' sensitive information, including names and Social Security numbers. .

The cause of the breach involves a critical vulnerability in MOVEit, a secure file transfer service created by Progress Software. On May 31, 2023, Progress Software announced the vulnerability, allowing unauthorized access to MOVEit servers used by companies, including PBI. Subsequently, PBI conducted an investigation and confirmed that an unauthorized party accessed certain files related to WTW customers on its MOVEit server.

The compromised information varies depending on the individual and may include names and Social Security numbers. The number of affected individuals specific to WTW is not disclosed.