Zurich Insurance

Summary

A threat actor using the alias "Rey" claimed responsibility for a cyber attack on Zurich Insurance Group, alleging the theft of over 1,400 sensitive internal files. The stolen data reportedly includes confidential financial documents, undisclosed agreements, internal communications, and individual client and employee reports, with evidence suggesting the breach occurred in February 2025.

What Happened

In February 2025, a threat actor known as "Rey" claimed to have breached Zurich Insurance Group, one of the world's largest insurance providers operating in over 215 countries with annual revenues exceeding $70 billion. The hacker released sample documents dated as recently as 17 February 2025, including contracts, company documents, and scanned licences. Evidence suggests that Zurich's Latin American operations, particularly Colombia and other Spanish-speaking regions, may have been disproportionately affected. Unusually, the threat actor offered the stolen data for free rather than demanding a ransom.

Impact on Individuals

The breach potentially affects both clients and employees of Zurich Insurance, with the stolen dataset allegedly containing individual client and employee reports. The geographic distribution of affected individuals appears concentrated in Latin American operations, though the full scope remains unclear.

Organisational Response

Zurich Insurance Group has not publicly confirmed the alleged data breach or addressed the claims made by the threat actor. The company has not released information about its investigation or response measures.