Skip to main content

Unsupported Browser Detected

Internet Explorer is not fully compatible with the features of this website. For the best possible experience, please switch to Chrome or Firefox. Click each to download if needed.

You are: individual

Financial Professional

I’m an individual or investor looking to take action to help secure my financial future.

I want to tackle the retirement and protection needs of individuals.

I want to learn more about your employer plan solutions and technology.

I want to log in to my account or learn more about retirement planning and enrolling.

Hello

I want to tackle the retirement and protection needs of individuals. This website content is intended for use by Financial Professionals.

No Yes
Hello

This website is intended for financial professional use only. Please confirm that you are a financial professional.

Yes No


Information on third-party vendor security incident

 

Last updated: February 2025

On June 16, 2023, Corebridge Financial was made aware by a former third-party vendor, Pension Benefit Information, LLC (PBI), that they were impacted by the MOVEit file transfer vulnerability that affected a large number of organizations globally. On June 26, 2023, the vendor confirmed that Corebridge customer data in their possession was obtained by an unauthorized party due to the exploitation of that vulnerability. We previously used PBI’s services to identify otherwise unreported deceased end consumers of our products and services, so we could meet our obligations. Following the PBI security incident, the vendor provided assurances that their instance of the MOVEit vulnerability had been remediated.

Along with PBI and their forensic investigators, we conducted a thorough investigation to determine the scope and nature of personal information involved in the PBI security incident. Individual policy/contract owners whose personal information was affected were notified in 2023 and offered complimentary credit monitoring, fraud consultation and identity restoration services. Corebridge also notified regulatory agencies in compliance with applicable laws.  Following the security incident, Corebridge no longer uses PBI’s services and is working with an alternate vendor.

We take the privacy of our customers’ data very seriously and undertook additional measures to secure our operations and to protect our customers’ data, which included enhanced fraud monitoring. Corebridge’s own systems and data were not affected by the MOVEit vulnerability or PBI’s related incident, and we successfully patched our instances of the MOVEit application in accordance with the latest best practices.

Frequently Asked Questions

On June 16, 2023, Corebridge Financial was made aware by a former third-party vendor, Pension Benefit Information, LLC (PBI), that they were impacted by the MOVEit file transfer vulnerability that had affected a large number of organizations globally. On June 26, 2023, the vendor confirmed that Corebridge customer data in their possession was obtained by an unauthorized party due to the exploitation of that software vulnerability. 

MOVEit Transfer is a managed file transfer software solution that allows an organization to securely transfer large amounts of data efficiently between parties. In addition to PBI, many organizations, including private companies, government agencies and financial and educational institutions, were affected by this vulnerability.

PBI was a third-party vendor Corebridge previously utilized for regulatory compliance and operational support services for our businesses. Like many other insurance and financial services companies, we used PBI’s services to identify otherwise unreported deceased end consumers of our products and services to meet our obligations. Corebridge no longer uses PBI’s services.

Along with PBI and their forensic investigators, we conducted a thorough investigation to determine the scope and nature of personal information involved. Our investigation determined that the incident impacted personal information of (1) Corebridge policyholders and account owners such as name, address, date of birth, policy/account number, and Social Security number, and (2) beneficiaries such as name, address, and date of birth. 

Corebridge’s information systems and operations were not impacted, and we continue to serve our customers as we always have.

We take the privacy of our customers’ data very seriously and undertook additional measures to secure our operations and to protect our customers’ data, which include enhanced fraud monitoring. Corebridge’s own systems and data were not affected by the MOVEit vulnerability or PBI’s related incident, and we successfully patched our instances of the MOVEit application in accordance with the latest best practices.

In 2023 following the PBI security incident, letters were mailed from PBI and Corebridge to individual policy/contract owners whose personal information was impacted in 2023. The letter offered individuals 24 months of complimentary credit monitoring, fraud consultation and identity restoration services as an added measure of assurance. The notification letter provided information on how to register for these free services and a toll-free number individuals could call with any questions.

It is always advisable to review your account statements and credit reports regularly for any unauthorized activity. You should immediately report any unusual activity to your financial institution. You can also contact the three major credit bureaus to place a “fraud alert” on your file at no cost, which alerts creditors to contact you before they open a new credit account under your Social Security number.

Customers

Please contact us at 1-866-327-0015

Monday – Friday 9:00 am – 6:00 pm ET