Sun Life, one of Canada鈥檚 leading insurance providers, says the personal data of some of its U.S. customers has been compromised after one of its vendors was affected by a global cyberattack in June.

While Sun Life U.S. does not use MOVEit, the file transfer software that was targeted in the attack, one of its vendors, Pension Benefit Information (PBI), said some members' personal information was accessed by an unauthorized third party during the incident.

Sun Life says it shares certain information with PBI to support business operations such as paying life insurance and related benefits in a timely manner.

Additionally, PBI uses MOVEit to transfer files internally and between parties.

Hackers were able to access information such as name, Social Security 鈥嶯umber, policy and account number, and/or date of birth of some members and account holders.鈥

However, no financial information like account values or medical claims were exposed,

The company assured its members they take information security 鈥渧ery seriously鈥 and are conducting an investigation with PBI.

HOW DO I KNOW IF I WAS AFFECTED?

So far, there are no indications of identity theft or fraud linked to the incident.

In response to the breach of information, Sun Life says they are 鈥渨orking with PBI to confirm the member data involved,鈥 and will notify members accordingly.

They will also provide credit monitoring and identity protection services.

Sun Life adds members are encouraged to personally monitor their accounts and credit history for 鈥渟igns of unauthorized activity,鈥 and to change their account passwords 鈥 even though the latter were not exposed in the breach.

The company also recommends customers place credit card freezes or fraud alerts with credit bureaus such as Equifax, Experian and TransUnion for an additional layer of protection against misuse of personal information. 

Correction:

This article has been updated to clarify only U.S. customers of Sun Life were impacted.