A data breach that hit technology platform Infosys McCamish Systems last year affected over 6 million customers at several financial services firms, including T. Rowe Price Retirement Plan Services, according to filings with the Maine attorney general’s office.
A Sept. 9 report from IMS updates earlier notices to the Maine attorney general, adding the T. Rowe Price business and New York Life Group Benefits Solutions to the list of affected financial services companies.
Principal Life Insurance Co., Prudential Insurance Co. of America and Oceanview Life and Annuity Co. were cited in earlier disclosures starting in June.
A T. Rowe Price spokesperson provided a statement to ThinkAdvisor by email Tuesday afternoon, noting IMS reported in November 2023 that certain systems were encrypted with ransomware. IMS engaged a vendor to identify affected individuals.
In late June, IMS made regulatory filings indicating a total impact of more than 6 million people, and informed T. Rowe Price Retirement Plan Services about a subset of fewer than 10,000 affected individuals associated with nonqualified plans record-kept by T. Rowe Price, the investment firm said.
T. Rowe Price reviewed the data, communicated with its affected nonqualified plan clients, and offered them the opportunity to opt in to mailings from IMS to consumers, the company said, adding that these mailings were sent on August 23.
“T. Rowe Price’s systems were not compromised by the incident at IMS and no data was exfiltrated from T. Rowe Price systems. IMS provides recordkeeping support to T. Rowe Price for nonqualified plans only and there was no impact to the services T. Rowe Price provides to qualified and governmental retirement plans,” the spokesperson said.