Prudential Malaysia has confirmed that two of its local subsidiaries, Prudential Assurance Malaysia Bhd (PAMB) and Prudential BSN Takaful Bhd (PruBSN), have been affected by a cybersecurity attack. Via an official statement published on its website, the multinational insurance company revealed that both of which suffered a data breach caused by the MOVEit zero-day vulnerability exploit, which had also hit many companies across the world.
For the uninitiated, MOVEit is a file transfer software preferred by many global organisations for its renowned security, especially when handling confidential data. However, its reputation came under fire recently due to a zero-day vulnerability exploit, which allowed attackers with the means to steal data directly from companies that are utilising it.
Prudential said it immediately took action to isolate the affected server as soon as it became aware of the data breach. At the same time, the company also instructed its incident response team to launch a thorough investigation, as well as notify relevant authorities regarding the matter. However, Prudential noted that certain crucial information may have been compromised despite its best efforts.
“It is very likely personal agent and customer data is affected which may include name, contact number, national identification number, bank account and/or partial credit card information,” the multinational insurance company wrote in the statement. “The risk of unauthorised transactions is reduced as only partial credit card information is included.”
Prudential added that its investigation into the data breach is still ongoing, and promises that it is working as quickly as it can. Furthermore, it noted that it is constantly reviewing and updating its defence systems, and has responded swiftly to this vulnerability in the MOVEit software. The company assured that its businesses remain fully operational, while its customer operations are unaffected by the attack.
For now, Prudential is urging its agents and customers to remain cautious of any unsolicited communications, avoid clicking on links or downloading attachments from suspicious emails, regularly review their bank accounts and credit card statements, and also contact their credit card issuer directly if they suspect their cards are compromised in any manner. Additionally, the company said it has also set up dedicated hotlines with extended hours which affected customers can reach by dialling 03-2771 2480 (PAMB) or 03-2742 4060 (PruBSN).
(Source: Prudential Malaysia [official website])
