TSEA continues to take calls from some of our retiree members who have yet to receive a letter from Pension Benefits Information (PBI) regarding the June MOVEit file transfer data breach.
In June, the Tennessee Consolidated Retirement System (TCRS) reported a data security breach experienced by MOVEit, a file transfer software used by their vendor, Pension Benefits Information (PBI). This breach allowed unauthorized access to retirees’ data, including names, social security numbers, birth dates, and mailing addresses. It is important to note that this was not a breach within TCRS and doesn’t only affect retirees in Tennessee. The breach was worldwide, impacting more than 16 Million retirees.
Fortunately, no banking or payment data was included in the accessed files, and TCRS has confirmed that the breach didn’t impact their Self-Service platform. They are working with law enforcement on the matter. Meanwhile, PBI offered retirees included in the breach access to credit monitoring and identity restoration services, details of which are expected to be included in a mailed letter from PBI to retirees.
The letter from PBI was initially expected by July 15, according to a June 28 letter from TCRS to retirees about the breach. Then, an update posted to the TCRS website indicated letters were being mailed by PBI the week of August 1.
TSEA contacted TCRS about this concern. Here is what they shared:
“We have confirmation that the letters from Pension Benefit Information (PBI) have been going out in batches over the past three weeks. Each member impacted by the MoveIT data breach will receive a unique code that they will need sign up for 12 months of credit monitoring and identity restoration services provided by Kroll. These letters will be sent by U.S. mail.
Due to the magnitude of the breach nationwide, PBI has informed us that it is taking longer than initially estimated to assign unique codes, verify mailing addresses, and deliver the letters to each impacted member. The letters will contain the information needed to sign up for the services and the 12 months of credit monitoring will begin the day the member signs up. We have had confirmation from some retirees that have received their letters, but have heard from many more that they are still waiting.”
While waiting on your letter from PBI, TSEA encourages all retiree members to take the necessary steps to keep your information safe, as recommended by TCRS:
- Take a moment to review your accounts and credit history to ensure everything looks as you expect.
- If you suspect you are a victim of identity theft or fraud, contact your local police.
- The Federal Trade Commission also has additional information on how to protect your identity at: https://consumer.ftc.gov/features/identity-theft
TCRS has indicated they will continue to post any updates to their website here: https://treasury.tn.gov/Retirement/Retire-Ready-Tennessee/for-Retirees
We will also keep you informed as we continue to monitor the situation. If you have additional concerns, please contact the TSEA office at 615-256-4533.