{
	"id": "13236d75-56f0-48b4-981a-6cff805cb2e8",
	"created_at": "2026-04-06T00:21:05.01288Z",
	"updated_at": "2026-04-10T13:12:29.036809Z",
	"deleted_at": null,
	"sha1_hash": "98e84482d9e18d81585663cf16c1df06eec0b8dd",
	"title": "MOVEIt breach impacts Genworth, CalPERS as data for 3.2 million exposed",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 2014743,
	"plain_text": "MOVEIt breach impacts Genworth, CalPERS as data for 3.2 million\r\nexposed\r\nBy Bill Toulas\r\nPublished: 2023-06-23 · Archived: 2026-04-05 12:58:50 UTC\r\nPBI Research Services (PBI) has suffered a data breach with three clients disclosing that the data for 4.75 million people\r\nwas stolen in the recent MOVEit Transfer data-theft attacks.\r\nThese attacks started on May 27th , 2023, when the Clop ransomware gang began exploiting a MOVEit Transfer zero-day\r\nvulnerability to allegedly steal data from hundreds of companies.\r\nOver the past week, the Clop gang began extorting companies by slowly listing impacted organizations on its data leak site\r\nas they attempt to pressure victims to pay a ransom demand.\r\nhttps://www.bleepingcomputer.com/news/security/moveit-breach-impacts-genworth-calpers-as-data-for-32-million-exposed/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/moveit-breach-impacts-genworth-calpers-as-data-for-32-million-exposed/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nAccording to three different disclosures from PBI clients, millions of customers have had their sensitive data exposed in\r\nthese attacks. However, this number may increase as other companies make further disclosures.\r\nThe first impacted entity is Genworth Financial, a Virginia-based life insurance services provider.\r\nIn a MOVEit Security Event notice published on their website, Genworth says PBI informed them of the security breach on\r\nJune 16, 2023, and subsequently verified that customers' personal data was stolen.\r\nThe firm estimates that the data breach impacted between 2.5 and 2.7 million individuals who are either its customers\r\n(insurance, annuity, long-term care) or working for them as insurance agents.\r\nThe exposed data includes the following:\r\nFull name\r\nDate of birth\r\nSocial security number\r\nZip code\r\nState of residence\r\nPolicy number\r\nAgent ID (for agents)\r\nGenworth says this attack did not impact its own systems and network or affected its business operations, as it does not use\r\nthe MOVEit or GoAnywhere products.\r\nAffected individuals will receive notices of a data breach in the coming weeks, which will contain instructions on enrolling\r\nfor free-of-charge credit monitoring and identity theft protection services.\r\nThe second firm impacted by the PBI breach is Wilton Reassurance, a New York-based insurance provider, which reports\r\nthat 1,482,490 of its customers had data stolen.\r\nAs reported to the Office of the Maine Attorney General, the exposed information includes customers' names and social\r\nsecurity numbers.\r\nAlthough a sample of a data breach notification letter has not been uploaded to Maine's portal yet, Wilton Reassurance has\r\ninformed that they will provide 12 months of free identity theft protection and credit monitoring services through Kroll to\r\nimpacted individuals.\r\nThe third company impacted by PBI's data breach is CalPERS (California Public Employees' Retirement System), the\r\nlargest public pension fund in the US, which is now informing retirees and beneficiaries about the event.\r\nIn a notice to its website, CalPERS says it responded to the situation immediately after learning about the breach and took\r\nactions to secure its members' benefits and data by strengthening its data management protocols that pertain to working with\r\ncontractors.\r\nThe agency says approximately 769,000 of its members were impacted by the security incident, who will all receive\r\nnotification letters with detailed information on how to access two years of free credit monitoring service through Experian.\r\nAt the time of writing this, PBI Research Services has not been listed on Clop's data leak site. While this could mean that the\r\ncompany is negotiating with the threat actors not to release data, it could also mean that Clop has not begun extorting the\r\norganization yet.\r\nBleepingComputer has contacted PBI to comment on the situation, but we have not heard back by publication.\r\nUpdate 6/24 - A PBI spokesperson has sent BleepingComputer the following comment:\r\nPBI Research Services uses Progress Software’s MOVEit file transfer application with a number of clients. At the\r\nend of May, Progress Software identified a zero-day vulnerability in the MOVEit software that was actively being\r\nhttps://www.bleepingcomputer.com/news/security/moveit-breach-impacts-genworth-calpers-as-data-for-32-million-exposed/\r\nPage 3 of 4\n\nexploited by cyber criminals.\r\nPBI promptly patched its instance of MOVEit, assembled a team of cybersecurity and privacy specialists, notified\r\nfederal law enforcement and contacted potentially impacted clients.\r\nThe cyber criminals did not gain access to PBI’s other systems – access was only gained to the MOVEit\r\nadministrative portal subject to the vulnerability.\r\nPBI is working directly with impacted clients to identify impacted consumers and develop notice plans.\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/moveit-breach-impacts-genworth-calpers-as-data-for-32-million-exposed/\r\nhttps://www.bleepingcomputer.com/news/security/moveit-breach-impacts-genworth-calpers-as-data-for-32-million-exposed/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/moveit-breach-impacts-genworth-calpers-as-data-for-32-million-exposed/"
	],
	"report_names": [
		"moveit-breach-impacts-genworth-calpers-as-data-for-32-million-exposed"
	],
	"threat_actors": [],
	"ts_created_at": 1775434865,
	"ts_updated_at": 1775826749,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/98e84482d9e18d81585663cf16c1df06eec0b8dd.pdf",
		"text": "https://archive.orkl.eu/98e84482d9e18d81585663cf16c1df06eec0b8dd.txt",
		"img": "https://archive.orkl.eu/98e84482d9e18d81585663cf16c1df06eec0b8dd.jpg"
	}
}