Brighthouse Life Insurance Company Provides Notice of Data Security Event

Rhea-AI Summary

Genworth Life Insurance Company and Genworth Life Insurance Company of New York (Genworth) notified Brighthouse Life Insurance Company (BLIC) of a security incident at their third-party vendor, PBI Research Services. The incident occurred on May 29-30, 2023, and compromised the data of certain BLIC policyholders. The disclosed information includes full name, Social Security number, date of birth, ZIP code, state of residence, and policy number. Affected policyholders will be notified by mail and offered 24 months of complimentary credit monitoring. BLIC maintains safeguards to protect its data and has a third-party risk management program in place.

CHARLOTTE, N.C.--(BUSINESS WIRE)-- On June 18, 2023, Genworth Life Insurance Company and Genworth Life Insurance Company of New York (“Genworth”) notified Brighthouse Life Insurance Company (“BLIC”) of a security incident at Genworth’s third-party vendor, PBI Research Services (“PBI”), that compromised the data of certain BLIC policyholders. On June 20, 2023, Genworth provided BLIC with the resident state information for the impacted policyholders.

Genworth administers a block of long-term care insurance policies for BLIC. Genworth contracts with PBI to identify policyholder deaths. PBI uses MOVEit, a data transfer software developed by Progress Software, to perform the death matching services. PBI shared with its clients that a vulnerability in MOVEit had caused the security incident, which took place on May 29, 2023, and May 30, 2023. PBI also notified Genworth that it implemented Progress Software’s security patches on June 2, 2023, to eliminate the vulnerability. The incident did not impact any BLIC information systems.

The incident resulted in the disclosure of the full name, Social Security number, date of birth, ZIP code, state of residence and policy number of the affected BLIC policyholders.

Affected policyholders are being notified by mail, which provides them with further information regarding the incident and how to enroll in 24 months of complimentary credit monitoring. Affected policyholders are encouraged to remain vigilant by reviewing their account statements and credit reports closely. If suspicious activity on an account is detected, affected policyholders should report the activity accordingly.

BLIC maintains appropriate technical, physical and administrative safeguards to protect its data and has a third-party risk management program in place to oversee its vendors. BLIC will continue to monitor and evaluate the evolving cybersecurity risk landscape and remain vigilant in taking proactive measures to address emerging threats to its data.

For more information, contact Brighthouse Financial at 844-474-8372, option 2.

View source version on businesswire.com: https://www.businesswire.com/news/home/20230817041269/en/

Brighthouse Financial

844-474-8372, option 2

Source: Brighthouse Financial, Inc.

FAQ

What is the security incident involving Genworth and BLIC?

Genworth, the third-party vendor for BLIC, experienced a security incident that compromised the data of certain BLIC policyholders.

When did the security incident occur?

The incident took place on May 29-30, 2023.

What information was compromised?

The compromised information includes full name, Social Security number, date of birth, ZIP code, state of residence, and policy number.

How will affected policyholders be notified?

Affected policyholders will be notified by mail.

What assistance is provided to affected policyholders?

Affected policyholders will be offered 24 months of complimentary credit monitoring.

What measures does BLIC have in place to protect data?

BLIC maintains appropriate technical, physical, and administrative safeguards and has a third-party risk management program.