A third-party vendor working with an insurance provider used by thousands of Delawareans suffered a cybersecurity attack last month.
PBI Research Services, a third-party vendor for Genworth Financial, disclosed on June 16 that a data breach “impacted the personal information of an estimated 2.5 to 2.7 million individuals, including about 8,000 Delaware residents,” according to a June 26 statement from the Delaware Department of Insurance.
What information was breached?
Genworth Financial said the potentially compromised information may include policyholders, agents and the data of beneficiaries, including names, dates of birth, Social Security information, contact information and policy numbers.
In the statement, the Delaware Department of Insurance urges consumers to be vigilant in protecting their data, noting that beneficiaries may not be aware of policies that contain the sensitive information that was breached, particularly life insurance benefits.
How did the data breach happen?
The data breach was part of “significant” cybersecurity attack involving a file transfer system called MOVEit, according to the Insurance Department.
According to the Insurance Department, the breach likely occurred from May 29 to May 30 before corrective action was implemented on June 2. At this time, the department has not been notified of additional insurer or insured information being compromised during the breach.
How is this situation being handled?
The Delaware Department of Insurance states that this data breach triggers Delaware’s Insurance Data Security Act, which provides proactive data security measures and mandates the following now occur:
- Investigation of a cybersecurity event and correction of compromised information systems.
- Detailed reporting to the insurance commissioner.
- Notification to consumers within 60 days, except in cases where federal law or law enforcement agencies require or request modified timelines.
- Consumers must be provided credit monitoring services at no cost for a period of at least one year in addition to receiving information regarding freezing one’s credit.
The breach will be investigated thoroughly, according to Insurance Commissioner Trinidad Navarro, and the Department of Insurance has a list of individuals relevant to the breached information to help consumer service representatives aid concerned policyholders, agents and beneficiaries who contact the office.
Consumers can visit Genworth.com/MOVEit for updates about the breach and should consider freezing their credit report due to the incident.
Got a tip or a story idea? Contact Krys’tal Griffin atkgriffin@delawareonline.com.
Avoid getting scammed with these tips:Together, nearly 7K Delawareans lost $19M to scams last year. Make sure you aren’t next
Are your social media accounts safe?:How safe are your passwords? Make yours harder to hack on May 4, World Password Day
