Excerpt from Cyber Daily Article, Published on Mar 04, 2025.
Zurich Insurance Group has reportedly fallen victim to a major data breach, with a threat actor named “Rey” claiming responsibility for the attack. The hacker, in a post on a popular cybercrime forum, alleged that over 1,400 highly sensitive internal files from Zurich have been leaked. The stolen dataset is said to include confidential financial documents, undisclosed agreements, internal company communications, and individual client and employee reports.
The alleged breach occurred in February 2025, with leaked samples suggesting that the data is recent. Among the samples provided by the hacker are contracts, company documents, and a scanned license, with indications that many of the records originate from Colombia and other Spanish-speaking regions. This detail has raised concerns that Zurich’s Latin American operations may have been particularly impacted. The insurer had previously expanded its presence in the region following its 2018 acquisition of QBE’s Latin American operations, becoming the largest insurer in Argentina and strengthening its footprint in Colombia, Mexico, and Brazil.
Zurich, one of the world’s largest insurance providers, operates in over 215 countries and generates more than $70 billion in annual revenue. The company has yet to confirm the alleged data breach or address the claims made by the hacker. Unlike many cyberattacks that involve ransom demands, this incident appears to be purely a case of data exposure, as the threat actor has reportedly listed the stolen Zurich data for free. The motivation behind the breach remains unknown. If the claims are verified, Zurich could face significant regulatory scrutiny and reputational damage. With the rising frequency of cyberattacks targeting major corporations, this incident serves as yet another reminder of the persistent cybersecurity threats in the insurance sector. Clients and partners of Zurich will be closely watching for further developments as the company responds to the allegations.
To delve deeper into this topic, please read the full article Cyber Daily.
