Principal Monetary Group helps hundreds of thousands of individuals and companies plan for the longer term via retirement companies, insurance coverage, and asset administration. Clients belief Principal with their cash, so it’s important to maintain digital channels safe.
However that belief was examined in 2023, when Principal noticed an increase in fraudulent on-line registrations, notably in its retirement enterprise. Attackers had discovered a weak spot: unregistered buyer accounts already tied to present investments. As a result of these accounts didn’t but have usernames, passwords, or multi-factor authentication (MFA), they turned straightforward targets for takeover.
The wrongdoer was knowledge-based authentication (KBA), a standard technique for proving identification that asks customers to reply private questions on former house addresses or automobile fashions. Sadly, that sort of knowledge is now straightforward for fraudsters to purchase or steal from breaches, knowledge brokers, and social media.
