Prudential Financial, a major US life insurance provider, has revealed that a data breach in February 2024 has compromised the personal information of over 2.5 million individuals, a significant increase from the initially reported 36,000. The breach, detected on February 5, 2024, allowed attackers to access sensitive data, including names, addresses, driver’s license numbers, and identification card numbers.

The ALPHV/BlackCat ransomware group has claimed responsibility for the attack, adding Prudential to its leak site. According to an 8-K form filed with the U.S. Securities and Exchange Commission, Prudential detected the breach one day after the attackers infiltrated its systems. “Through the investigation, we learned that the unauthorized third party gained access to our network on February 4, 2024, and removed a small percentage of personal information from our systems,” Prudential said in a statement.

The company has been working with cybersecurity experts to confirm that the attackers no longer have access to their systems. Prudential is providing 24 months of identity theft and credit monitoring services through Kroll, an independent financial and risk solutions company.

This incident follows another significant data exposure in May 2023, when the personal information of 320,000 Prudential customers was compromised due to the Clop cybercrime gang hacking Pension Benefit Information, a third-party vendor.

According to BleepingComputer, legal action has been initiated against Prudential, with Constance Boyd leading a class action lawsuit in a New Jersey court, arguing that the company failed to safeguard its clients’ data, ultimately leading to the breach. This legal move adds to the pressure on Prudential as it deals with the aftermath of the breach.

The ALPHV/BlackCat group, responsible for the February breach, has a notorious history of cyberattacks. It has been linked to over 60 breaches worldwide and has extorted at least $300 million from more than 1,000 victims.

The Prudential data breach is part of a troubling trend of increasing cyberattacks on major corporations. In a similar vein, the ALPHV/BlackCat group had previously shut down its operations and executed an exit scam after stealing a $22 million ransom from an affiliate that targeted Change Healthcare.