Russian hackers expose information of 2.5 million Genworth customers

A database firm hired by Henrico County, Va.-based insurance giant Genworth Financial has been hit by hackers, exposing information about some 2.5 million to 2.7 million of its customers.

Hackers reportedly linked to Russian gangs accessed databases at several government agencies, companies and schools by breaching a gap in the MOVEit file transfer system.

Genworth said the attack on its vendor, PBI Research Services, exposed personal information on life insurance policyholders and other customers, including Social Security numbers. The attack did not reach information about its mortgage insurance customers.

The company said it will notify individuals affected by the attack. It will offer credit monitoring and identity theft protection services to them, and additional help and contact information can be found at www.genworth.com/ moveit.

Genworth uses PBI's services to identify the deaths of insured people under its life insurance, annuity and long term care policies.

Others affected by the attack on the MOVEit software, which is used to share sensitive data, include California's state pension fund, the U.S. Department of Energy, Louisiana's motor vehicle department, Johns Hopkins University and Health System, Nova Scotia's provincial government, British Airways and Shell Oil, according to published reports.

Jen Easterly, director of the U.S. Cybersecurity and Infrastructure Security Agency, said the hackers' attack was short-lived and relatively superficial, the British newspaper The Guardian reported.

The Associated Press reported that the breach of the file-transfer application also hit the California Public Employees Retirement system, the country's largest public pension fund. It said the data Russian cybercriminals stole included personal information of about 769,000 retired California employees and other beneficiaries — including Social Security numbers.

AP reported that the breach of the MOVEit file-transfer program, discovered last month, is estimated by cybersecurity experts to have compromised hundreds of organizations globally. Confirmed victims include the U.S. Department of Energy and several other federal agencies, more than 9 million motorists in Oregon and Louisiana, Johns Hopkins University, Ernst & Young, the BBC and British Airways.

Dave Ress

(804) 649-6948 [email protected] @daveRess1 on Twitter