Prudential said 36,000 people were affected in a February data breach – it just revised that number to 2.5 million

Prudential Financial , a major US insurance firm, has revised a breach notice for a cyber attack that hit the company in February 2024, now stating that over 2.5 million individuals had their data stolen.

The company’s initial filing to the Attorney General’s Office in Maine listed the number of affected persons as 36,545, revealing a drastic increase in the scope of the attack.

One of the major life insurance providers in the US and beyond, Prudential boasts approximately 50 million customers around the world.

According to Prudential, the attackers were able to access these individuals’ names and other personal identifiers, as well as their driver’s license numbers and other non-driver ID card numbers.

It is not clear what led to this revision, ITPro has approached Prudential Financial for clarification on this development and will update this article with their response if it is forthcoming.

In a statement given to The Record , a spokesperson for Prudential said the information leaked during the incident was different for each individual.

Prudential said it would be providing affected parties with 24 months of complimentary credit monitoring as an additional layer of protection.

Prudential incident highlights “disjointed” security practices

The initial breach took place on 2 February 2024 and was discovered two days later, according to the filing, with a description of the incident listed as a social engineering attack .

“Through the investigation, we learned that the unauthorized third party gained access to our network on February 4, 2024, and removed a small percentage of personal information from our system”

Prudential has not shared any further information on the threat actors behind the attack, but did not directly refute claims from ALPHV/Blackcat that it was responsible for the attack.

Keep devices safe from security threats

ALPHV added Prudential to its dedicated leak site on 16 February 2024, although they did not provide any sample data of proof of their access.

Nick Tausek, lead security automation architect at Swimlane suggested that disjointed tooling across an increasingly complicated technology stack is leaving security gaps in many organization’s network perimeter , and threat actors are targeting these weak spots.

"While their security teams need various tools to protect complex technology environments, disjointed tools that lack cross-communication and cloud integration are straining team bandwidth and creating security gaps ,” he said.

“Cyber criminals are taking advantage of these gaps, leading to frequent and costly breaches. According to a recent report from Swimlane and Omdia , 42% of financial organizations have had at least one breach with a total cost of $1M in the last 12 months, with 20% experiencing a breach with a total cost of more than $5M.”