Corebridge Financial, Inc. Data Breach

NOTICE: If you received an NOTICE OF DATA BREACH letter from Corebridge Financial, Inc. or Pension Benefit Information, LLC on behalf of Corebridge, contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options, or submit a confidential Case Evaluation form here.

data breach in orange letters in code

On or about July 27, 2023 Corebridge Financial, Inc. (“Corebridge”) and/or Pension Benefit Information, LLC  (“PBI”) on behalf of Corebridge, sent a Notice of Data Breach Letter via mail to victims of the Corebridge data breach informing them that their personal information Personally Identifiable Information (“PII”) was obtained by hackers in an exploitation of a “zero-day” vulnerability in the third-party software “MOVEit Transfer” (“Data Breach”) that took place between May 29 and May 30, 2023.

On July 27, 2023, Corebridge stated “On or around May 31, 2023, Progress Software, the provider of MOVEit Transfer software disclosed a vulnerability in their software that had been exploited by an unauthorized third party.” PBI then conducted an investigation and determined that the unauthorized third party accessed its servers and downloaded data. Corebridge and PBI then conducted a review and determined that the Data Breach likely impacted 798,000 Corebridge customers. As a result of the Data Breach, unauthorized third parties were likely able to access and download full names, Social Security numbers, policy/account numbers, dates of birth, and addresses, among other possibly impacted data.

Corebridge, which was AIG’s “Life & Retirement” division until it was spun off in 2022, is a financial services company that provides annuities, life insurance, asset management, retirement solutions, and other services. Corebridge is headquartered in Houston, Texas and employs approximately 1,100 people.

If you received a Notice of Data Breach from Corebridge or PBI on behalf of Corebridge about the Data Breach then you were likely impacted by the Data Breach.

WHAT INFORMATION IS INVOLVED?

According to Corebridge the following information was exposed:

  • Name or other personal identifier
  • Social Security number
  • Policy/account number
  • Date of Birth
  • Address

This information is called your Personally Identifiable Information (“PII”). It tells others about you and is considered part of your identity. Businesses are required to secure this information or risk facing statutory penalties, among other legal penalties. Stolen PII can be used by identity thieves to engage in fraudulent activity using your identity.

NOTICE: If you received a NOTICE OF SECURITY INCIDENT letter from Corebridge Financial, Inc. or Pension Benefit Information, LLC on behalf of Corebridge, contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options, or submit a confidential Case Evaluation form here.