Two Prudential companies in Malaysia confirm affected by MOVEit cyber security incident

Prudential Assurance Malaysia Bhd (PAMB) and Prudential BSN Takaful Bhd (PruBSN) have confirmed that they have been affected by the global MOVEit data-theft attack, “where a zero-day vulnerability was exploited.”

The two insurance companies said that as soon as they became aware of the breach, “we took action to isolate the affected server while the incident response team launched a thorough investigation and also notified relevant authorities.”

“It is very likely personal agent and customer data are affected which may include name, contact number, national identification number, bank account and/or partial credit card information, which will reduce the risk of unauthorised transactions.

“Our investigation is still ongoing. We are working to confirm this as quickly as we can,” the two companies said in a joint statement today.

PAMB and PruBSN said they “are constantly reviewing and updating their defence systems and have responded swiftly to this vulnerability in the MOVEit software.”

“Immediate steps are being taken to notify impacted customers and provide appropriate support,” they said, adding that both companies have also set up a dedicated hotline with extended hours for customers who seeks more information about the incident.