Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label SEC filing. Show all posts

Prudential Financial Notifies 36,000 Victims of Data Leak

 

Last Friday, Prudential Financial began informing over 36,000 people of a data incident that occurred in early February 2024. 

The breach, first disclosed in a regulatory filing with the SEC in February, occurred on February 4 and was purportedly discovered the next day. 

Prudential reported at the time that the attackers had gained access to systems including business administrative and user data, as well as employee and contractor accounts. 

A week later, the ransomware gang Alphv/BlackCat claimed credit for the attack and added Prudential to their Tor-based leak site. This organisation was also responsible for a large outage in the US health system last month, hitting Change Healthcare systems and services. 

As per a March 29 complaint with the Maine Attorney General's Office, Prudential has verified that the hackers have gained access to the personal data of 36,545 people. 

We discovered through the investigation that on February 4, 2024, an unauthorised third party gained access to our network and removed a small percentage of personal information from our systems, the report reads. 

“Companies are always likely to remain wary of really rapid disclosure, given the financial impact these things can have on them, and use all the ‘tricks’ they can to delay,” commented Nick France, chief technology officer at Sectigo. 

“Ultimately, I believe that the new SEC regulations should make these processes work faster; however, given the wording of the regulation and the fact that it only came into effect at the very end of 2023, it may take some time before we see disclosures happening at the 4-day pace.” 

Individuals impacted by the Prudential breach are being notified of the issue by written notice. Names and other personal identifiers, as well as driver's licence numbers or non-driver identity card numbers, were among the compromised data.

Dealers of Jet Engines to Major Airlines Reveals 'Unauthorized Activity'

 

The Willis Lease Finance Corporation has disclosed to US regulators that it was targeted in a "cybersecurity incident," with data allegedly taken from the company being shared on the Black Basta ransomware group's leak blog.

In a filing submitted to the Securities and Exchange Commission (SEC) on February 9, the publicly listed company on NASDAQ stated that it became aware of a potential breach on January 31, prompting immediate action to address the situation.

According to the filing, the company initiated an investigation into the incident with the help of leading cybersecurity experts, taking measures to contain and address the activity, including temporarily shutting down certain systems. The company reported no unauthorized activity after February 2, 2024, and believes it has successfully contained the breach.

During the period when systems were offline, the company acknowledged resorting to alternative methods to maintain operations and serve customers, although specific details were not provided.

Willis Lease Finance also stated it is still evaluating the extent of the breach and whether any data was compromised. Law enforcement has been notified about the breach.

Although the company refrained from explicitly mentioning "ransomware" or "attack" in its disclosure, the presence of passport scans on Black Basta's website suggests that the investigation into potential data theft may yield results soon.

The ransomware group claims to have obtained 910 GB of company data, including information about customers, employees, HR records, non-disclosure agreements (NDAs), among others. Black Basta published a selection of documents online, including screenshots of accessed files, HR documents containing social security numbers, and identity documents such as passports.

Attempts to match names on these documents with online profiles revealed matches predominantly in the US and UK, along with some from other countries.

Efforts to reach Willis Lease Finance for comment were unsuccessful at the time of reporting.

Established for over 45 years, Willis Lease Finance describes itself as a leading independent provider of jet engines to major airlines worldwide.

Black Basta, known for its high-profile ransomware attacks, is linked to the now-defunct Conti group and is believed to have amassed over $100 million from its victims, including major organizations like Capita and Southern Water in the UK.