At Global Atlantic, we do our best to protect personal information entrusted to us and ensure our business partners do the same. Despite these efforts, we have been informed by Pension Benefits Information LLC (“PBI”) that they recently experienced a cybersecurity incident involving the MOVEit file transfer application, and that the incident has impacted our policyholder data. PBI is a third-party vendor that Global Atlantic uses to satisfy applicable regulatory obligations to identify the deaths of insured persons, which can impact premium payment obligations and benefit eligibility. PBI is one of hundreds of companies across a variety of industries that have been impacted by the MOVEit incident.  

Please note that Global Atlantic’s environment was not compromised as a part of this incident. It is still safe to interact with our corporate systems and our website.

This page contains FAQs specific to this event.
 

1. What happened?

On or around May 31, 2023, Progress Software disclosed that cyber criminals had actively exploited an unknown vulnerability in its MOVEit file transfer application. Because MOVEit is used by thousands of organizations to support the secure transfer of data for common business activities, this incident has affected many companies around the world. 

One of the organizations impacted by the MOVEit incident is PBI. PBI is a third-party vendor that Global Atlantic uses to satisfy applicable regulatory obligations to identify the deaths of insured persons, which can impact premium payment obligations and benefit eligibility.

Upon learning of the incident, PBI initiated an investigation, which revealed that cyber criminals accessed one of their MOVEit transfer servers on May 29, 2023 and May 30, 2023 and downloaded certain data from that system. On June 7, 2023, PBI notified Global Atlantic that personal data for an uncertain number of policyholders had likely been taken by the cyber criminals. Global Atlantic then engaged outside experts and worked with PBI to understand the nature and scope of impacted information. 

This incident affected Global Atlantic policyholder data in the possession of PBI due to PBI’s use of the MOVEit file transfer application. Global Atlantic does not use MOVEit, and Global Atlantic’s own environment was not impacted as a result of this incident.
 

2.    What is Global Atlantic doing about this? 

Upon learning of this incident, Global Atlantic engaged outside experts and has worked with PBI to understand the nature and scope of information impacted. We have also reported the incident to the appropriate authorities.

Impacted individuals will receive a notification letter via U.S. Mail in the coming weeks. To help protect the identities of impacted individuals, we are offering a complimentary two-year membership in Experian’s® IdentityWorks^SM credit monitoring service. Notice recipients should please refer to the notification letters for more information, including how to sign up for this service.
 

3.    What information has been impacted as a result of this incident? 

Based on a review of the data shared by PBI, the information impacted as a result of this incident includes certain individual’s names, policy numbers, social security numbers, dates of birth, gender, and address data.

Any individual determined to have been impacted should receive notification via U.S. Mail in the coming weeks.
 

4.    Why am I just now hearing about this?

On June 7, 2023, PBI—a third-party vendor used by Global Atlantic—notified Global Atlantic that personal data for an uncertain number of policyholders had likely been taken by the cyber criminals. Global Atlantic then worked with PBI to understand the nature and scope of the information impacted. 

While this investigation remains ongoing, based on a thorough review of the data shared by PBI, Global Atlantic has determined that the compromised data included certain individual’s names, policy numbers, social security numbers, dates of birth, gender, and address data. Impacted individuals will receive notification via U.S. Mail regarding this incident. 
 

5.    Who is PBI?

Pension Benefit Information LLC (PBI) is a third-party vendor that Global Atlantic uses to satisfy applicable regulatory obligations to identify the deaths of insured persons, which can impact premium payment obligations and benefit eligibility. 
 

6.    What is MOVEit? 

The MOVEit transfer application is a third-party software provided by Progress Software Corporation for the purposes of secure file transfers. Secure file transfer solutions are intended to move large amounts of data efficiently.

Global Atlantic does not use the MOVEit transfer application. PBI—a third-party vendor used by Global Atlantic—utilizes the MOVEit transfer application to securely share files between companies. MOVEit is used by thousands of organizations around the world, including many financial services institutions.
 

7.    Is it safe to continue to interact with Global Atlantic? 

Yes. Global Atlantic does not use the MOVEit application and Global Atlantic’s environment was not compromised as a part of this incident. 
 

8.    Did Global Atlantic report this incident to law enforcement? 

Yes. Global Atlantic reported this incident to law enforcement and is committed to cooperating with any questions or follow up investigation they may have into the PBI MOVEit transfer application incident.
 

9.    Why did I receive a letter from Global Atlantic?

Global Atlantic is sending notifications to individuals whose personal information was affected by a recent cybersecurity incident impacting its third-party service provider, PBI. If you received a letter, it is because your personal information was impacted by this incident.
 

10.    I am not familiar with Global Atlantic. Why do you have my data? 

Global Atlantic is a leading retirement and life insurance company that works with both individuals and institutions. Global Atlantic includes the following subsidiary companies:

• Accordia Life and Annuity Company
• Commonwealth Annuity and Life Insurance Company
• First Allmerica Financial Life Insurance Company 
• Forethought Life Insurance Company

For individuals who received a notification letter but do not have a direct relationship with Global Atlantic, it is likely that, pursuant to an agreement with the individual’s insurer, Global Atlantic assumed administrative responsibilities for their policy.
 

11.    How will I know if I’m impacted by this incident? 

Global Atlantic is sending notifications to individuals whose personal information was affected by a recent cybersecurity incident impacting its third-party service provider, PBI. If you received a letter, it is because your personal information was impacted by this incident. Global Atlantic is offering two years of complimentary credit monitoring and identity protection services through Experian’s® IdentityWorks^SM to individuals whose information was involved in this incident.
 

12.    I no longer have an active policy with Global Atlantic. Why did I get this letter?

PBI is a third-party vendor that Global Atlantic uses to satisfy applicable regulatory obligations to identify the deaths of insured persons, which can impact premium payment obligations and benefit eligibility. PBI would have provided these services to former policyholders. 
 

13.    Is my money safe with Global Atlantic? 

This incident occurred at a third-party vendor and impacted a limited set of categories of personal information. This did not impact Global Atlantic’s systems or network environment in any respect.
 

14.    Will you be providing identity protection or credit monitoring services?

Yes. Global Atlantic is offering two years of complimentary credit monitoring and identity protection services through Experian’s® IdentityWorksSM to individuals whose information was impacted by this incident.
 

15.    I’m having trouble connecting to an Experian Agent 

Due to the scope of this incident across multiple industries and Experian’s excellent reputation, call volumes may be high and hold times could be long. Please stay on the line until an Experian Customer Care agent is able to pick up the call.
 

16.    What can I do to protect my information?

Impacted individuals will receive a letter from Global Atlantic outlining various steps to take to protect their information. It is always advisable to review account statements and credit reports regularly for any unauthorized activity. Any unauthorized activity should be immediately reported to the relevant financial advisor or the appropriate service provider.

Individuals may obtain a copy of their credit report, free of charge, once every 12 months from each of the three nationwide credit reporting companies. To order a free credit report, please visit www.annualcreditreport.com or call toll free at 1-877-322-8228.

Impacted individuals may consider temporarily freezing their credit. A credit freeze can help prevent credit, loans and other services from being opened in someone’s name without their permission. To initiate a credit freeze, contact each of the three national credit reporting agencies. 

• Equifax: 1-888-298-0045 or Equifax.com/personal/credit-report-services 
• Experian: 1-888-397-3742 or Experian.com/help 
• TransUnion: 800-916-8800 or TransUnion.com/credit-help

Additional information is available at www.annualcreditreport.com. 

Suspected fraud or identity theft should be reported to the institution where the fraud occurred, or where the fraudulent account was opened, as well as the Federal Trade Commission, the relevant state Attorney General, and local law enforcement.

Please also consider informing Global Atlantic of suspected fraud or identity theft at https://www.globalatlantic.com/report-fraud or by emailing ReportFraud@gafg.com.
 

17.    Who can I call if I have more questions? 

For additional questions or more information, please contact Experian’s Customer Care team at 1-833-919-4754 toll-free Monday through Friday from 8:00 a.m. – 10:00 p.m. Central, or Saturday and Sunday from 10:00 a.m. – 7:00 p.m. Central.