CONSUMER FIRST ALERT: Don’t ignore a data breach letter
A cyber-attack affected numerous companies, potentially affecting millions of people
GREEN BAY, Wis. (WBAY) - A Consumer First Alert about a cyberattack potentially affecting millions of people.
In Northeast Wisconsin, people are starting to get letters notifying them they might be a victim of a data breach.
Don’t ignore this letter.
A Green Bay viewer called Action 2 News. She received a letter, too, and she wanted to get the word out after mentioning to a friend and finding out her friend got a letter, too.
The letter is from PBI, which stands for Pension Benefit Information. Our caller didn’t think she ever did business with them, but PBI provides services for many insurance and financial companies and pension funds.
PBI’s website says it was impacted in the global “MOVEit Transfer” cyberattack in May.
The FBI and cybersecurity officials are investigating the MOVEit cyberattack, which is attributed to a ransomware gang linked to Russia.
MOVEit Transfer software is widely used by businesses to securely share files online.
A previously unknown flaw allowed cybercriminals to get into the system to copy and steal files. They hold companies for ransom and use this to profit from identity theft.
This attack potentially affects 60 million people.
The U.S. government confirmed the Department of Energy was hit. ABC News reports the BBC and British Airways are among big-name victims. Johns Hopkins Health System and University confirmed it was hit.
Wisconsin Consumer Protection tracks data breaches. It says if you get a data breach notification letter, first verify it’s real, then follow the suggested steps to protect your information: Sign up for any credit monitoring that may be available and monitor your accounts.
Just because you get a letter doesn’t necessarily mean you are a victim of identity theft, but don’t ignore the risk.
A statement from Hospital Sisters Health System (HSHS) reads:
“As was widely reported, Pension Benefit Information (PBI) was affected by the MOVEit software vulnerability, which impacted thousands of organizations worldwide. A third-party vendor of the HSHS pension plan partners with PBI to complete quarterly reviews of pension participants. The vendor recently notified HSHS that certain HSHS retirement plan participants’ personal information was included in the PBI files that were involved in the MOVEit incident. PBI is notifying those individuals about the incident and steps they can take to help protect their information. HSHS does not use the MOVEit software.”
Copyright 2023 WBAY. All rights reserved.
