(Reuters) – The number of victims of the Moovit hack rose several million on Friday after the largest U.S. pension fund Calpers and insurer Genworth Financial said the personal information of its members and clients had been compromised.
Both announced that a third-party provider, PBI Research Services, was affected by data theft, which allowed hackers to obtain information from their customers. PBI could not be reached for comment.
On June 6, 2023, Calpers said, the PBI informed them of a “security vulnerability” in the MOVEit Transfer software that allowed hackers to download “our data.” The fund said that about 769,000 members, including retirees and beneficiaries, were affected.
MOVEit is widely used by organizations around the world to share sensitive data.
Genworth Financial, which was hardest hit, said the personal information of approximately 2.5 million to 2.7 million of its customers had been compromised.
“The personal information of a large number of policyholders and other clients in the life insurance business was unlawfully accessed,” Genworth stated.
Genworth also does not use the MOVEit software app, according to a company spokesperson.
From US government departments to UK telecoms regulator and energy giant Shell, they have reported casualties since Progress Software discovered the vulnerability in its MOVEit Transfer product last month.
(Reporting by Nikit Nishant in Bengaluru and Chris Sanders in Washington, D.C.; Editing in Spanish by Javier López de Llerida)
“Creator. Devoted pop culture specialist. Certified web fanatic. Unapologetic coffee lover.”