Chubb responds to Maze ransomware hack claims


Leading cyber insurance specialist Chubb has been targeted by hackers who claim to have encrypted files and stolen data.

A spokesperson for Chubb confirmed the insurer is currently investigating a computer security incident that they said may involve unauthorised access to data held by a third-party service provider.

The spokesperson said: “We have no evidence that the incident affected Chubb’s network. Our network remains fully operational and we continue to service all policyholder needs, including claims.

“Securing the data entrusted to Chubb is a top priority for us. We will provide further information as appropriate.”

According to reports, Maze Ransomware hackers posted on their news feed that they hacked into the company this month.

While no proof has yet been filed the procedure is normally to demand a ransom with a threat of publishing the stolen information. Screenshots of the ransomware group’s site list proof as “coming soon”.

Chubb has long been a prominent player in the cyber insurance market providing cover to individuals, SMEs and larger corporations.

Its Cyber Enterprise Risk Management Policy, designed to protect business assets against the complexity of cyber threats, includes cover for network or data extortion / blackmail.

The range of services and protection further includes business interruption loss due to a network security failure or attack, as well as incident response and investigation costs.

The package also includes legal costs, crisis communications expenses and liability from failure to maintain confidentiality of data and unauthorised network use.

On its Chubb Cyber Index the provider reports that it has been handling cyber claims for more than two decades.

Within this a factsheet for financial institutions, dated June last year, stated the industry inherently holds a robust amount of data, conducts many transactions and is a prime target “for bad actors”.

Although financial institutions are one of the most vigilant and prepared types of insured entities, said Chubb, its index showed the median cost of incident response services (including call centre, forensic services, notification, crisis response and more) for these organisations has climbed to nearly $1,636,653 during the past three years, nearly double the $827,623 median cost from 2009-2018.

The Cyber In Focus section of the carrier’s website notes that the financial damages of cyber crime are projected to reach $6tn (£4.9tn) annually by 2021 — more than double those same figures from 2015.

In its most recent Cyber In Focus report, for the third quarter of 2019 published in October, Chubb reported that ransomware attacks rose “at an alarming rate during the first half of 2019, bypassing the total number of ransomware claims Chubb saw in 2018”.

This came on the back of an 84% increase in ransomware attacks from 2017 to 2018, Chubb added.

  • LinkedIn  
  • Save this article
  • Print this page  

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact [email protected] or view our subscription options here:

You are currently unable to copy this content. Please contact [email protected] to find out more.

You need to sign in to use this feature. If you don’t have an Insurance Post account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here: