Life and Annuity Tech Firm IMS Reports Breach Affected 6.1M People

The breach: LockBit, an international ransomware gang, is believed to have hacked IMS systems Oct. 29, 2023. IMS found the breach and began to block it four days later.

In addition to holding stolen data for ransom, LockBit attackers press victims with extortion, by publishing the names and data of victims who fail to pay ransom or hush money, according to the federal Cybersecurity & Infrastructure Security Agency.

In the spring, the IMS customers with clients known to be affected included Bank of America, Northwestern Mutual and Fidelity’s Investments Life business.

IMS mentions Oceanview Life and Annuity Co. in the new notice.

Northwestern Mutual has filed a separate notice along with the template for a form letter from IMS. That notice shows that the estimated number of people affiliated with Northwestern Mutual who may have been exposed to the LockBit attack has fallen to 53,668, from 62,656 March 1.

Credit: Chris Nicholls/ALM; Adobe Stock