Prudential plc which confirmed recently that its businesses in Malaysia, Prudential Assurance Malaysia Berhad, and Prudential BSN Takaful Berhad were among those whose data were breached has now warned of potential risks.
The insurance company sent out notifications to customers informing them of the data breach and to be wary of subsequent phishing tactics including online scams, unsolicited phone calls, and even possible OTP requests.
Prudential said the breach stemmed from the global MOVEit data-theft attack, where a zero-day vulnerability was exploited. The company said as soon as it became aware of the breach, it took action to isolate the affected server while the incident response team launched a thorough investigation.
Personal information that could have been leaked includes name, national identification/passport number, and contact details.
Prudential also informed that its businesses remain fully operational and there is no impact on our customer operations.
