Massive Data Breach at NTT DATA Americas Exposes Standard Insurance Customers’ Personal Details

In a recent incident, the personal details of Standard Insurance customers were exposed in a data breach. The breach occurred on servers belonging to PBI Research Services, a company processing data for Standard Insurance, and was being hosted by NTT DATA Americas. This breach has impacted over 300,000 individuals, highlighting the urgent need for stronger cybersecurity measures.

Impact and exposure

The attacker gained unauthorized access to Standard Insurance data through the MOVEit Transfer service used by PBI Research Services. NTT DATA Americas, the subsidiary of the Japanese multinational IT company NTT DATA, has informed affected individuals about the breach. According to information disclosed to the Maine Attorney General, approximately 308,072 people had their personal details compromised in this attack.

Risks of Social Security Number (SSN) exposure

The compromised personal details include names and Social Security numbers (SSNs). The exposure of SSNs poses significant risks as the stolen data can be used by impersonators for identity theft. Combined with names and driver’s license numbers, stolen SSNs provide the necessary ammunition for criminals to commit various forms of fraud, including financial and medical identity theft. This breach underscores the critical importance of protecting such sensitive information.

Role of PBI Research Services

PBI Research Services, a US-based population management solutions provider, was exposed to this attack due to the utilization of the MOVEit Transfer service. This platform served as the entry point for the malicious actors to gain unauthorized access to the data processed for Standard Insurance. The incident emphasizes the need for organizations to conduct thorough risk assessments and ensure the security of third-party services they rely on.

NTT DATA Americas: A Major IT Player

NTT DATA Americas, a subsidiary of the Japanese multinational IT company NTT DATA, plays a crucial role in the incident. With over 139,000 employees and revenues exceeding $30 billion, NTT DATA is a major player in the global technology industry. However, this breach raises concerns about the company’s security protocols and highlights the importance of implementing robust cybersecurity measures.

Scope of MOVEit Transfer attacks

The MOVEit Transfer attacks have caused widespread damage. Over 980 organizations and nearly 60 million individuals have been confirmed to be impacted by these attacks. The ransomware gang Cl0p has claimed responsibility for these breaches, targeting various sectors and industries. This extensive scale of the attacks reveals the urgent need for enhanced cybersecurity practices and vigilance in the face of evolving threats.

Other affected organizations

Standard Insurance is not the only organization affected by the MOVEit Transfer attacks. Numerous well-known companies, including TD Ameritrade and American Airlines, have had their clients’ personal data exposed in this breach. The significant list of targeted entities also includes TJX, TomTom, Pioneer Electronics, and AMC Theatres. These incidents highlight the importance of organizations, irrespective of their size or industry, prioritizing cybersecurity as a foundational element of their operations.

The massive data breach at NTT DATA Americas, impacting Standard Insurance customers, serves as a wake-up call for organizations around the world. The exposure of personal details, including Social Security numbers, underscores the severe risks posed by such incidents. It is crucial for businesses to invest in robust cybersecurity measures, conduct regular risk assessments, and ensure the security of their third-party service providers. This incident highlights the need for heightened vigilance and comprehensive security protocols to protect sensitive personal information from falling into the wrong hands.

Explore more

Ethereum Uses AI Swarms to Proactively Patch Network Flaws

The architectural integrity of global decentralized networks has reached a pivotal juncture where the speed of malicious exploitation often outpaces the traditional cadence of human-led security audits. To address this widening gap, The Ethereum Foundation has fundamentally transitioned its security strategy from a reactive model to an automated, proactive defense paradigm that leverages the power of machine learning. This shift

How Is ERP Modernization Driving DLA to Audit Readiness?

The Defense Logistics Agency currently manages an intricate global supply chain that serves as the backbone for the United States military, requiring an unprecedented level of financial precision and operational transparency to meet modern oversight requirements. This massive undertaking involves a transition from aging, siloed legacy systems to a unified Enterprise Resource Planning environment designed to provide real-time visibility into

What Makes Odyssey Infostealer a Global Threat to macOS?

The long-standing myth that macOS remains immune to sophisticated cyberattacks has been decisively shattered by the emergence of the Odyssey infostealer, a highly specialized malware variant engineered to bypass modern system integrity protections. This transition represents a fundamental shift in the threat landscape, where the historical security-by-obscurity advantage once enjoyed by Apple users has entirely vanished. As the adoption of

Can AI Secure Windows Without Compromising Stability?

The sheer scale of modern software development has reached a point where manual code review is no longer sufficient to protect the billions of devices running Windows across the globe. As lines of code multiply and interdependencies become more complex, traditional security measures are struggling to keep pace with the rapid evolution of sophisticated digital threats. In response to this

Xero Launches JAX to Redefine Accounting with Agentic AI

Small business owners have historically spent an exhausting amount of time tethered to spreadsheets and receipts, but the emergence of agentic AI is finally turning those static records into a living, breathing financial command center that operates with minimal human oversight. With more than five million global subscribers now integrated into its ecosystem, Xero is spearheading a movement toward Accountable