Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
A threat actor has claimed a cyber attack on insurance giant Zurich Insurance Group, allegedly having stolen sensitive company data.
In a post to a popular hacking forum, a threat actor by the name of “Rey” listed the group, claiming to have a database of sensitive internal files.
“Today I’m sharing a dataset containing over 1,400 highly sensitive internal files leaked from Zurich Insurance Group, one of the world’s largest insurance providers, with operations spanning over 215 countries and annual revenues exceeding $70 billion,” Rey said.
“In February 2025, Zurich Insurance Group suffered a major data breach after a threat actor under the moniker @Rey exfiltrated confidential corporate data.
“The leaked dataset contains internal financial documents, undisclosed agreements, and sensitive company communications.”
The threat actor claims the database contains internal emails, individual client and employee reports, financial reports, contracts and agreements and other sensitive documents.
As is standard practise on the forum, Rey also provided samples of the allegedly stolen data, which include contracts, documents and a license scan, all of which appear to be from Colombia or other Spanish-speaking countries.
One of the sample documents is dated 17 February 2025, suggesting the allegedly stolen data is recent.
In 2018, Zurich acquired the Latin American operations of Australian insurer QBE, expanding its business in Colombia, Mexico and Brazil and becoming the largest insurer in Argentina.
The threat actor listed the allegedly stolen data for free; however, the motivation for the breach is unknown.
Cyber Daily has reached out to Zurich Insurance for comment on the incident.
Be the first to hear the latest developments in the cyber industry.
