Cyber Insurer Chubb Had Data Stolen in Maze Ransomware Attack
upstart writes in with an IRC submission for SoyCow8162:
Cyber insurer Chubb had data stolen in Maze ransomware attack - TechCrunch:
Chubb, a major cybersecurity insurance provider for businesses hit by data breaches, has itself become a target of a data breach.
The insurance giant told TechCrunch it was investigating a "security incident" involving the unauthorized access to data belonging to an unnamed third-party. Chubb spokesperson Jeffrey Zack said the company had "no evidence" the incident affected Chubb's own network and that its network "remains fully operational." But the spokesperson declined to comment further or answer any of our questions, including if its customers were affected.
Brett Callow, a threat analyst at security firm Emsisoft, first alerted TechCrunch to the breach on Thursday. According to Callow, the security incident was a data-stealing ransomware attack launched by the Maze ransomware group. Maze not only spreads across a network, infecting and encrypting every computer in its path, it also exfiltrates the data to the attackers' servers where it is held for ransom. If a ransom isn't paid, the attackers publish the files online.
[...] Callow said the attackers behind the incident posted a listing on their website claiming to have data stolen from Chubb in earlier in March. The listing included the names and email addresses of three senior executives, including CEO Evan Greenberg.
Read more of this story at SoylentNews.