Major U.S. insurance provider Prudential Insurance has confirmed that data from 36,545 individuals had been compromised following a cyberattack in February, which the ALPHV/BlackCat ransomware operation claimed, reports The Record, a news site by cybersecurity firm Recorded Future.
Attackers infiltrated Prudential Insurance's systems on Feb. 4, enabling access to people's names, addresses, and ID cards, and driver's license numbers, said the insurer in a filing with the Office of the Maine Attorney General. Such a disclosure comes nearly two months after Prudential had informed the U.S. Securities and Exchange Commission regarding unauthorized access to some of its IT systems and certain employee- and contractor-linked user accounts.
Meanwhile, the U.S. State Department has since introduced a bounty program offering up to $10 million for any information regarding the identities or whereabouts of the members of the ALPHV/BlackCat operation, which has dismantled operations following allegations of stealing the ransom paid for the Change Healthcare attack from its affiliate.