The regulator claims that Voya didn’t adopt adequate cybersecurity measures after a hacker gained access to the personal information of several thousand customers.
Hackers impersonated contractors on the company’s technical support line to gain access to a portal that the firm uses to share the data with legitimate contractors.