Chubb Cyber Insurer Allegedly Hit By Maze Ransomware Attack

Cyber insurer giant Chubb is allegedly the latest ransomware victim according to the operators of the Maze Ransomware who claim to have encrypted the company in March 2020.

Headquartered in Switzerland, Chubb is one of the leading insurance carriers in the world with an extensive line of cyber insurance products that include incident response, forensics, legal teams, and even public relations.

Ransomware is not unknown to Chubb, as in their 2019 Cyber InFocus Report Chubb explains that malware-related claims have risen by 18% in 2019, with ransomware being responsible for 40% of manufacturer's cyber claims and 23% of cyber claims for smaller businesses.

Maze claims they encrypted Chubb's network

In a new entry on their Maze 'News' site, the ransomware operators claim to have encrypted devices on Chubb's network in March, 2020.

As part of these attacks, the Maze operators will steal a company's files before encrypting their network. These stolen files will then be used as leverage by threatening to publicly release it if a ransom is not paid.

Since then, other ransomware operators such as REvil, DoppelPaymer, and CLOP have also begun to adopt this extortion tactic.

After encrypting victims, Maze will create an entry on their news site as a warning to the victim that if they do not pay, their data will be published. If a victim does not pay, the operators publish an increasingly larger amount of stolen data until it is all released.

While no data has been published yet, the Maze operators have included the email addresses of executives such as CEO Evan Greenberg, COO John Keogh, and Vice Chairman John Lupica. This information, though, should not be considered proof of encryption as the emails are readily available on public websites.

Furthermore, as published stolen data usually contains the personal information of employees and sensitive client information, it causes ransomware attacks to become a data breach. This brings along all of the legal and notification requirements, PR nightmares, and the potential of lawsuits.

At this time, it is not known how many devices were allegedly encrypted or how much data was stolen and Chubb has not responded to our inquiries.

BleepingComputer has also contacted the Maze operators but has not heard back at this time. 

We will update this article when more information becomes available.

Comments are closed.