A major European insurer, Asefa, has been hit by a significant cyberattack that interrupted part of its IT infrastructure. Asefa is the Madrid-based Spanish subsidiary of France’s leading mutual insurer, SMABTP, highlighting the incident’s international scope. The disclosure of this attack follows a direct claim by the notorious Qilin ransomware syndicate that it has exfiltrated data. Qilin claims it has stolen over 200 gigabytes of very sensitive data from the company’s compromised computer systems. Although Asefa insists that its core insurance operations currently remain unaffected, this breach has cast a spotlight on growing vulnerabilities. These vulnerabilities are affecting the European insurance sector, particularly those companies with complex international footprints across the entire continent.
The Qilin ransomware group, which is known to have targeted more than 300 organizations globally in the last twelve months alone.
They have now officially listed Asefa, the Spanish insurer, on their dark web leak portal for all to see. Files purportedly obtained during the breach include internal corporate documents, various financial receipts, important legal agreements, and also passport scans. Notably, the stolen data includes details of a major insurance program that is linked to the redevelopment of FC Barcelona’s Camp Nou stadium. Researchers at Cybernews who analyzed samples of the leaked files have warned of the potential serious implications for many different parties.
This includes identity theft, contractual fraud, and corporate espionage.
Asefa has responded to the data breach via a public notice that was posted on its website before it was taken offline. In the message, the company expressed its gratitude to clients for their patience and confirmed that staff had regained some access. However, it noted that full digital functionality would remain suspended pending the completion of a full cybersecurity audit by their team. SMABTP, founded in 1859 and headquartered in Paris, France, is a mutual insurance group specializing in construction and liability cover. The parent group of Asefa reported revenues exceeding €4.3 billion in its most recent financial filings with European regulators. This incident underlines the growing menace posed by ransomware groups.
This particular cyberattack marks one of the most high-profile security breaches that has involved an insurer in southern Europe this year. It is very likely to raise many questions among regulators and clients alike about how their sensitive client data is secured. This is especially true for data that is linked to major strategic infrastructure projects like the FC Barcelona stadium redevelopment. Insurers all across the European Continent are now expected to thoroughly review their own cybersecurity risk exposure and their own arrangements. They will also likely reassess their own cyber insurance arrangements as a direct result of this significant and very public security incident. The Qilin group has escalated its operations in 2025.
Reference: