Over 1 Million Impacted By Milliman Solutions Breach
Table of Contents
- By Steven
- Jul 24, 2023
Milliman Solutions is a risk-assessment company that works with life insurance providers to explain to them the total risks involved with investing in any one individual. The company is headquartered in Seattle, Washington, and manages a huge amount of information for consumers on a daily basis. The organization employs over 3,000 individuals located in more than 59 separate offices. The company was one of the many impacted by the MOVEit data breach attacks, leaving all those customers vulnerable to serious data loss.
How Did the Attack Occur?
At the end of May, a zero-day vulnerability was exploited for the MOVEit file transfer service. In the exploit, a huge amount of information was taken from more than 130 separate companies. The exploit enabled attackers to steal information directly from the databases attached to the MOVEit service itself. Milliman, or a third-party provider the company relies on for data management, was compromised during the MOVEit breach. The information stolen during the breach has impacted a significant number of individuals, leaving them vulnerable to future attacks.
What Information Was Viewed or Stolen?
We don't have a full list of the data taken during this breach, but we know Social Security numbers and full names were accessible. We also suspect that additional personal information was gathered in this breach. More than 1 million individuals were exposed to the breach, leaving many consumers at risk for identity theft and other future issues. Victims should take steps to guard their accounts and credit in response to this attack.
How Did Milliman Solutions Admit to the Breach?
On July 17, 2023, Milliman began sending out notices of a data breach to all the victims of the breach. With approximately 1,280,823 involved, that's a substantial number of letters being sent out. All the letters explain the data points that could have been impacted and what customers can do about the potential breaches.
What Will Become of the Stolen Information?
The information stolen in this data breach and all the MOVEit breaches were first used in an attempt to obtain a ransom payment. If Milliman fails to pay the requested ransom the data stolen will be used in attacks and posted online for others to use as they wish. It's possible the information will be used for phishing attacks, and identity theft is another possible outcome that victims should expect.
What Should Affected Parties Do in the Aftermath of the Breach?
Should your information be involved in this attack, you should immediately check your credit for any changes. You'll know you were impacted if you end up receiving a letter from Milliman about the breach. Everyone gets access to one free credit report for each of the bureaus annually. Verify you don't have unknown accounts opened in your name. You can invest in credit monitoring services to watch for credit changes over time. You could also put a freeze on your credit for enhanced protection against these attackers. Act as soon as possible to protect yourself from attacks and keep your information safe.