Prudential Hit by Ransomware Group

News February 22, 2024 at 03:08 PM
The ALPHV/BlackCat ransomware group says it has stolen information from Prudential Financial and is holding it for ransom, but Prudential has concluded that the breach seems to be small.

The Newark, New Jersey-based life and annuity issuer first revealed the hack in a notice filed with the U.S. Securities and Exchange Commission on Feb. 13. It gave the SEC an update Wednesday.

"On the basis of the investigation to date, we have not found any evidence of malware, ransomware, data destruction or alteration, or that the threat actor currently has access to our systems," Prudential says in the notice. "We continue to investigate the extent and impact of the incident, including whether the threat actor accessed any additional information or systems."

A reporter at SecurityWeek, a cybersecurity publication, says that BlackCat indicated on its leak website that it had Prudential data and that Prudential had refused to pay a ransom.

Prudential declined to provide more information than what it put in the SEC notice.

What it means: It might be a good time to update your software and change your passwords.

Ransomware group: The ALPHV/BlackCat group attracted U.S. investigators' attention in 2022, according to the U.S. Justice Department.

The federal Cybersecurity and Infrastructure Security Agency reports that BlackCat ransomware-spreading affiliates have hacked about 1,000 entities, including about 750 in the United States, and received about $300 million in ransomware payments.

The affiliates working in the field get into an organization's computers by calling an employee and pretending to work for the information technology or help desk team. The hacker then tricks the employee into providing the credentials the hacker needs to get into the organization's network.

In some cases, the hacker gets an organization's data and extorts an employee without installing ransomware.

The attack: Prudential reported in the first SEC notice that it had detected a system intrusion Feb. 5 and believed that the intrusion had occurred Feb. 4. The company noted that it had informed law enforcement and regulatory authorities.

In the new notice, the company says it believes that the intruder was a cybercrime group.

"Our investigation has identified that the group accessed and exfiltrated from a platform limited data that includes some client information and personally identifiable information," the company says. "The threat actor also accessed and exfiltrated company administrative and user data from certain information technology systems and accessed a small percentage of company user accounts associated with employees and contractors."

© 2024 ALM Global, LLC, All Rights Reserved.