[UCRDBR] Prudential Life Insurance – Internal Data Breach

Departmental Benefits Representatives ucrdbr at lists.ucr.edu
Tue Jan 10 10:10:38 PST 2023 

[cid:image001.png at 01D924DB.C92FEFA0]

January 10, 2023

To:
Department Benefit Representatives
From:
HR Benefits Office on behalf of UC Office of the President
Re:
Prudential Life Insurance – Internal Data Breach

UC Office of the President was recently advised by Prudential Life Insurance of an internal data breach that occurred on October 26, 2022, impacting 1,801 systemwide participants in UC’s Life Insurance Plans.

Overview:
Personal identifying information including name, SSN, date of birth, and gender was sent in error via unsecured email by Prudential to fourteen unauthorized recipients.  This included fourteen individuals at Prudential, Willis Towers Watson, and Wilmington Trust. (These consulting firms provide actuarial and financial consulting services for UC’s Life Insurance plans and are trusted partners).  Although UCOP periodically provides them with aggregate data for the plans, Prudential should not have sent an email containing personal identifying information.

Root Cause:
The root cause of this issue was human error.  A Prudential employee intending to send aggregate data mistakenly included the personal identifying information in their email.  Upon identifying the issue, Prudential immediately contacted the recipients and had them delete the email and clear their Deleted Emails folder. This information was disclosed in error and was not stolen. UCOP has no reason to believe the information was disclosed to anyone else outside of the fourteen individuals at Prudential, Willis Towers Watson, and Wilmington Trust, nor does UCOP have any reason to believe the information has been used improperly in any illegal activities.   Prudential has implemented internal measures to ensure this does not happen again.

Resolution:
Impacted UC participants will receive a letter from Prudential via U.S. mail informing them of the breach.  A free two-year identity monitoring service provided by Prudential is being offered to impacted participants. The service is offered in partnership with Kroll, a global leader in risk mitigation and response.  Impacted participants should contact Prudential by phone at 1-800-621-1089 between the hours of 8:00 am and 6:00 pm, EST with any questions about the data breach.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ucr.edu/pipermail/ucrdbr/attachments/20230110/a181c39e/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 16627 bytes
Desc: image001.png
URL: <https://lists.ucr.edu/pipermail/ucrdbr/attachments/20230110/a181c39e/attachment.png>

More information about the UCRDBR mailing list