MOVEit cyber incident - Sun Life U.S.

Updated 7/26/2023

A file transfer software called MOVEit, owned by Progress Software, was part of a global cyber-attack. Sun Life is not a MOVEit customer, and our systems, networks and business operations have not been directly affected.

However, one of our vendors, Pension Benefit Information, LLC (known as PBI), advised us that one of its servers was accessed by an unauthorized third party as part of the global attack. Because of this, some U.S. personal member information Sun Life shared with PBI to support our business has been accessed. PBI has advised us it is currently not aware of any indications of identity theft or fraud in relation to this event.

We take information security very seriously at Sun Life and are conducting our own investigation alongside PBI to confirm what data was involved. We know that protecting member data is important, and regret that this happened. Working with PBI, we are notifying members whose personal information was affected.

A list of frequently asked questions (FAQ) follows and will be updated as we learn more. 


PBI’s services help Sun Life pay life insurance and related benefits in a timely manner by complying with regulatory requirements to regularly check external sources, such as government databases including the Social Security Administration, to determine if benefits are due to beneficiaries. 

MOVEit is a widely used business-to-business managed file transfer software solution that allows an organization such as PBI to transfer files internally and between parties. Hackers exploited a vulnerability in Progress Software’s technology to access data in the supply chains of organizations around the world, and potentially expose the data.

PBI has advised that the personal information of certain members and account holders of our group life, long-term disability and life premium waiver insurance offered through employers, as well as individual life insurance and group pension annuities, was accessed. While our analysis is ongoing, Sun Life currently understands the personal information accessed by hackers included name, Social Security ‎Number, policy/account number and/or date of birth of some members and account holders.‎

IMPORTANT: No financial information, such as premium or account values, was exposed. No claim or medical information was exposed. No policy documents were exposed.

We are working with PBI to confirm the member data involved, notify affected members, and provide credit monitoring and identity protection services. We are working as quickly as we can on this with PBI.

We encourage any member to take precautions such as monitoring their accounts and credit history for signs of unauthorized activity. And, while no passwords were exposed, it is always a good idea to regularly change your account passwords.

We encourage all our members to be vigilant and aware of any suspicious activity in their accounts. Placing credit freezes or fraud alerts with your credit bureaus, such as Equifax, Experian, and TransUnion, is always a good way to increase protection to prevent potential misuse of your information.

Working with PBI, we will provide guidance and support directly to members affected by this event as soon as possible. 


If you are a member and have questions, please contact 1-800-SUN-LIFE (786-5433).

If you are a news reporter, please contact Devon Fernald.