What happened?

  • On June 6, 2023, The Union Labor Life Insurance Company (“Union Labor Life” or the “Company”) was informed by one of its service providers, Pension Benefit Information, LLC (“PBI”), that some of the Company’s data was compromised while on a MOVEit Transfer server maintained by PBI. The data was exposed from May 29 to May 30, 2023.
  • The MOVEit Transfer software is used by PBI and many other organizations to transfer files from one organization to another via secure file transfer protocol. Progress Software, the owners of MOVEit had notified users of its software of a previously unknown security vulnerability that was exploited by a Russian hacking group.
  • This data breach has affected numerous organizations and governmental entities that use the MOVEit software, not just clients of PBI. The FBI and Cybersecurity and Infrastructure Security Agency (CISA) have each opened their own investigation into the breach and have determined that the MOVEit vulnerability was exploited by the CLOP ransomware group.

Who is PBI?

  • PBI is a service provider that conducts Social Security Death Master Index searches and provides other services to insurance and pension companies. In order to perform these searches, which are required by state law, companies must share certain personal information of their policyholders with PBI.
    What Personal Information of mine was exposed?
  • PBI conducted a forensic investigation and determined that the files with Company data that were accessed during the breach included first and last name, date of birth and Social Security number for certain individuals.
    Do I need to be worried about identity theft or other misuse of my data?
  • PBI’s investigation indicated that the personal information exposed was in fact taken from the MOVEit server. However, to date, PBI has not found any indication that the personal information has been misused.
  • While we cannot advise you whether to sign up for free credit monitoring or not, it is generally a good idea to monitor your credit information on a regular basis and report any unusual activity to the three credit bureaus.
    What is the Company/PBI doing to remedy the situation?
  • PBI engaged a cybersecurity firm to conduct a forensic investigation and security review.
  • A patch to address the security vulnerability in the MOVEit software was made available on June 2, 2023 and installed by PBI immediately.
  • PBI made other security enhancements to protect data on its servers from unauthorized access.

What is the Company doing for affected individuals?

  • PBI has engaged a data breach response vendor, Kroll LLC, handle notices to all affected individuals and offer credit monitoring on behalf of Union Labor Life. Kroll sent out notification letters to all affected individuals by U.S. mail on August 11, 2023 and has offered free credit monitoring for a period of time. Kroll is also maintaining a call center to take calls from affected individuals with questions.

Who can I contact if I have more questions?

  • For additional questions, affected individuals who have received a notification letter should please contact Kroll LLC at (866) 676-3191. For general questions about the breach, please contact the Ullico Inc. Privacy Office at (833) 286-5229 or contact us at compliance@ullico.com.