On August 28, 2024, Metropolitan Life Insurance Company, commonly known as MetLife, notified the Attorney General of Montana about a significant data breach linked to one of its service providers. The breach appears to have resulted from a cyberattack that compromised sensitive consumer information, including names, dates of birth, policy numbers, and Social Security numbers. Following the completion of its investigation, MetLife began the process of sending data breach notification letters to all individuals whose personal information was affected by this incident.
The data breach was triggered by unauthorized access to the IT network of a service provider utilized by MetLife. An anonymous source informed MetLife of this breach in July 2024, which had initially been detected by the service provider on February 22, 2024. After identifying the security incident, the service provider secured its network and initiated an investigation to understand the extent of the breach and determine which MetLife customers were impacted. This proactive approach highlighted the service provider’s commitment to addressing the incident.
In June 2024, further confirmation from the service provider indicated that confidential MetLife customer information had been accessed without authorization. Upon this realization, MetLife undertook a thorough review of the compromised files to assess the leaked information and identify the individuals affected. The specifics of the breached information vary, but may include critical personal details such as names, dates of birth, policy numbers, and Social Security numbers, raising concerns about the potential for identity theft and fraud.
In response to the breach, MetLife acted swiftly by dispatching data breach letters on August 28, 2024, to the individuals affected. These notifications are intended to inform victims about the nature of the breach and provide them with a list of the specific information that may have been compromised. As a leading insurance provider, MetLife, which generates over $67 billion in annual revenue and employs around 45,000 people, recognizes the importance of transparency and customer trust in the wake of such incidents.
Reference:
