MOVEit cyber incident - Sun Life U.S.

First published, 7/7/2023

Last updated, 11/7/2023

A file transfer software called MOVEit, owned by Progress Software, was part of a global cyber-attack. Sun Life is not a MOVEit customer, and our systems, networks and business operations were not directly affected.

However, one of our vendors, Pension Benefit Information, LLC (known as PBI), advised us in late June 2023 that one of its servers was accessed by an unauthorized third party as part of the global attack. Because of this, some U.S. personal member information Sun Life shared with PBI to support our business was accessed. PBI also advised us at that time that it was not aware of any indications of identity theft or fraud in relation to this event.

We take information security very seriously at Sun Life and conducted our own investigation alongside PBI to confirm what data was involved. Working with PBI, we notified members whose personal information was affected and provided any applicable free credit monitoring and identity theft restoration services. Sun Life also encouraged members to take precautions such as monitoring their accounts and credit history for signs of unauthorized activity, along with other ways to protect their information.

We know that protecting member data is important, and regret that this happened.

A list of frequently asked questions (FAQ) follows.


PBI’s services help Sun Life pay life insurance and related benefits in a timely manner by complying with regulatory requirements to regularly check external sources, such as government databases including the Social Security Administration, to determine if benefits are due to beneficiaries.

MOVEit is a widely used business-to-business managed file transfer software solution that allows an organization such as PBI to transfer files internally and between parties. Hackers exploited a vulnerability in Progress Software’s technology to access data in the supply chains of organizations around the world.

PBI advised that the personal information of certain members and account holders of our group life, long-term disability and life premium waiver insurance offered through employers, as well as individual life insurance and group pension annuities, was accessed. We confirmed the personal information accessed by hackers included name, Social Security ‎Number, policy/account number and/or date of birth of some members and account holders.‎

IMPORTANT: No financial information, such as premium or account values, was exposed. No claim or medical information was exposed. No policy documents were exposed.

We worked with PBI to notify members whose personal information was affected, and provided any applicable credit monitoring and identity protection services.

Sun Life also encouraged members to take precautions such as monitoring their accounts and credit history for signs of unauthorized activity. And, while no passwords were exposed, we advised it is always a good idea to regularly change account passwords.

To help secure the online identity and accounts for you or your loved ones, here are actions that you can take to remain vigilant about the protection of personal information:

  • Regularly review financial accounts and insurance information and contact your providers, such as banks or credit card companies, right away to report any suspicious activity.
  • If you are concerned your information has been exposed, contact one of the major credit-reporting agencies listed in the table below to initiate a fraud alert and security freeze (credit freeze). However, be aware that a fraud alert or security freeze may interfere with or delay legitimate requests for credit approval. These agencies also offer free credit reports that you can check for unusual activity.
  • If you are managing accounts of a loved one who has passed away and are concerned their information has been exposed, you can add a flag to their credit file with an alert advising lenders not to issue credit. In most cases, a flag will prevent the opening of new credit accounts in their name.


Credit agencies










  • Be extra cautious with emails, texts, and social media messages you receive. Validate the sender, and do not respond unless you are certain the sender is legitimate.
  • Regularly change account passwords, use strong passwords, and avoid using the same password across various accounts.
  • Additional guidance about protecting against identify theft is available from the Federal Trade Commission at


If you are a member and have questions, please contact 1-800-SUN-LIFE (786-5433).

If you are a news reporter, please contact Devon Fernald.