My Personal Identifiable Information (PII) leaked (unauthorized third parties were likely able to access and download full names, Social Security numbers, policy/account numbers, dates of birth, and addresses, among other), again, compliments of SaaS. This time it was “MOVEit Transfer”, which Corebridge (one of my retirement accounts financial institutions) uses.
This CVE provides details of the vulnerability that was exploited. Links within that page explains it further.
Duuuuuuuck! 🤬 Initial fraud alert—1 year—placed on the three major credit bureaus.
Update: 11/08
Partner is also receiving the same notification I got, today. The impact of the breach goes beyond Corebridge. Maybe you are affected too!