Do you use Genworth Financial? You could be one of millions impacted by this data breach.

Krys'tal Griffin, Delaware News Journal
Updated ·2 min read

Editor's note: This story has been updated to reflect new information about patch efforts provided by Genworth Financial and Progress Software.

A third-party vendor working with an insurance provider used by thousands of Delawareans suffered a cybersecurity attack last month.

PBI Research Services, a third-party vendor for Genworth Financial, disclosed on June 16 that a data breach “impacted the personal information of an estimated 2.5 to 2.7 million individuals, including about 8,000 Delaware residents,” according to a June 26 statement from the Delaware Department of Insurance.

What information was breached?

A third-party vendor working with an insurance provider used by thousands of Delawareans suffered a cybersecurity attack in May.
A third-party vendor working with an insurance provider used by thousands of Delawareans suffered a cybersecurity attack in May.

Genworth Financial said the potentially compromised information may include policyholders, agents and the data of beneficiaries, including names, dates of birth, Social Security information, contact information and policy numbers.

In the statement, the Delaware Department of Insurance urges consumers to be vigilant in protecting their data, noting that beneficiaries may not be aware of policies that contain the sensitive information that was breached, particularly life insurance benefits.

How did the data breach happen?

The data breach was part of “significant” cybersecurity attack involving a file transfer system called MOVEit, according to the Insurance Department.

According to a spokesperson from Genworth, the estimated occurrence of the breach was May 29 to May 30, with PBI implementing the patches (fixes) provided by Progress Software, the producer of MOVEit, on June 2.

How is this situation being handled?

Consumers can visit Genworth.com/MOVEit for updates about the breach and should consider freezing their credit report due to the incident.
Consumers can visit Genworth.com/MOVEit for updates about the breach and should consider freezing their credit report due to the incident.

The Delaware Department of Insurance states that this data breach triggers Delaware’s Insurance Data Security Act, which provides proactive data security measures and mandates the following now occur:

  • Investigation of a cybersecurity event and correction of compromised information systems.

  • Detailed reporting to the insurance commissioner.

  • Notification to consumers within 60 days, except in cases where federal law or law enforcement agencies require or request modified timelines.

  • Consumers must be provided credit monitoring services at no cost for a period of at least one year in addition to receiving information regarding freezing one’s credit.

The breach will be investigated thoroughly, according to Insurance Commissioner Trinidad Navarro, and the Department of Insurance has a list of individuals relevant to the breached information to help consumer service representatives aid concerned policyholders, agents and beneficiaries who contact the office.

Consumers can visit Genworth.com/MOVEit for updates about the breach and should consider freezing their credit report due to the incident.

Got a tip or a story idea? Contact Krys'tal Griffin at kgriffin@delawareonline.com 

Avoid getting scammed with these tips: Together, nearly 7K Delawareans lost $19M to scams last year. Make sure you aren't next

Are your social media accounts safe?: How safe are your passwords? Make yours harder to hack on May 4, World Password Day

This article originally appeared on Delaware News Journal: Nearly 8,000 Delawareans impacted by Genworth Financial data breach