MetLife Breach

In November 13 2024, insurance giant MetLife found itself named in a sprawling multi-company leak when the self-styled “data vigilante” Nam3L3ss dumped 25 CSV files on BreachForums-one labeled “met-life-2024” containing ≈ 585,000 employee records. The trove, which Hudson Rock analysts tied back to the 2023 MOVEit Transfer zero-day campaign, was uploaded the same day it was purportedly stolen, suggesting little or no ransom negotiation.     
    
Likely attack vector     
Hudson Rock and TechTarget traced time-stamps in the MetLife CSV back to May 2023, the same window Cl0p exploited CVE-2023-34362 in Progress Software’s MOVEit file-transfer product. Investigators believe a third-party vendor that handled bulk HR files for multiple clients lost the data during that spree; Nam3L3ss later aggregated and “re-released” the records to “raise awareness,” insisting they were not seeking payment.     
MetLife’s response-and denial     
MetLife has not acknowledged this specific 585 k-record leak. When pressed in January 2025 about related MOVEit allegations and an unrelated RansomHub ransomware claim, the company told reporters its enterprise systems were never compromised, attributing any observed files to either a supply-chain incident or to an isolated breach at an Ecuador-based subsidiary.     
    
Legal & regulatory outlook     
No dedicated lawsuits have been filed yet, but plaintiffs’ firms are already sweeping MOVEit-related claims into the federal MDL (No. 3083).