Prudential Hit by Ransomware Group | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

The life and annuity issuer reports that the scope of the data breach seems to be limited.

The ALPHV/BlackCat ransomware group says it has stolen information from Prudential Financial and is holding it for ransom, but Prudential has concluded that the breach seems to be small.

The Newark, New Jersey-based life and annuity issuer first revealed the hack in a notice filed with the U.S. Securities and Exchange Commission on Feb. 13. It gave the SEC an update Wednesday.

“On the basis of the investigation to date, we have not found any evidence of malware, ransomware, data destruction or alteration, or that the threat actor currently has access to our systems,” Prudential says in the notice. “We continue to investigate the extent and impact of the incident, including whether the threat actor accessed any additional information or systems.”

A reporter at SecurityWeek, a cybersecurity publication, says that BlackCat indicated on its leak website that it had Prudential data and that Prudential had refused to pay a ransom.

Prudential declined to provide more information than what it put in the SEC notice.

What it means: It might be a good time to update your software and change your passwords.

Ransomware group: The ALPHV/BlackCat attracted U.S. investigators’ attention in 2022, according to the U.S. Justice Department.

The federal Cybersecurity and Infrastructure Security Agency reports that BlackCat ransomware-spreading affiliates have hacked about 1,000 entities, including about 750 in the United States, and received about $300 million in ransomware payments.

The field hackers get into an organization’s computer by calling an employee and pretending to work for the information technology or help desk team. The hacker then tricks the employee into providing the credentials the hacker needs to get into the organization’s network.

In some cases, the hacker gets an organization’s data and extorts an employee without installing ransomware.

The attack: Prudential reported in the first SEC notice that it had detected a system intrusion Feb. 5 and believed that the intrusion had occurred Feb. 4. The company noted that it had informed law enforcement and regulatory authorities.

In the new notice, the company says it believes that the intruder was a cybercrime group.

“Our investigation has identified that the group accessed and exfiltrated from a platform limited data that includes some client information and personally identifiable information,” the company says. “The threat actor also accessed and exfiltrated company administrative and user data from certain information technology systems and accessed a small percentage of company user accounts associated with employees and contractors.”

Credit: Bloomberg


Click Here For The Original Source.


National Cyber Security