On June 26, 2023, Jackson National Life Insurance Company (“Jackson”) filed a Form 8-k with the Securities and Exchange Commission reporting a third-party data breach that affected approximately 700,000 to 800,000 of Jackson’s customers. In this notice, Jackson explains that the incident involved a third-party vendor’s use of the MOVEit file transfer software, which was recently discovered to contain a critical vulnerability. As a result, an unauthorized party was able to access Jackson consumers’ sensitive information. Upon completing its investigation, Jackson began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you received a data breach notification from Jackson National Life Insurance Company, it is essential you understand what is at risk and what you can do about it. It is also possible that you could receive a data breach letter from PBI Research Services, Jackson’s vendor that experienced the breach. Either way, receiving a data breach letter means that your information may now be in the hands of cybercriminals. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft as well as discuss your legal options following the Jackson Life Insurance data breach. For more information, please see our recent piece on the topic here.

What Caused the Jackson Life Insurance Breach?

The Jackson Life Insurance data breach was only recently announced, and more information is expected in the near future. However, Jackson’s filing with the Securities and Exchange Commission provides some important information on what led up to the breach. According to this source, recently, Jackson learned that one of its third-party vendors, PBI Research Services (“PBI”) was affected by the recently discovered MOVEit incident. Evidently, Jackson uses PBI’s services to verify a policyholder’s death prior to paying out benefits.

PBI also informed Jackson that, as a result of the MOVEit incident, an unauthorized party was able to download personal information belonging to an estimated 700,000 to 800,000 Jackson customers.

After learning that sensitive consumer data was accessible to an unauthorized party, the companies reviewed the compromised files to determine what information was leaked and which consumers were impacted.

On June 26, 2023, Jackson Life Insurance also posted notice of the incident with the Attorney General of Massachusetts. Note, the PBI data breach did not affect Jackson’s computer systems.

However, in Jackson’s recent Form 8-k, the company also mentioned a MOVEit-related data breach that did affect the company’s IT network. However, Jackson notes that it expects the number of victims to be far fewer than were affected by the PBI incident.

More Information About Jackson National Life Insurance Company

Founded in 1961, Jackson National Life Insurance Company is an insurance and annuity company based in Lansing, Michigan. The company provides specialized asset management and retail brokerage services, as well as annuities for retail investors and fixed income products for institutional investors. Jackson Life Insurance employs more than 2,975 people and generates approximately $14.4 billion in annual revenue.