The insurance giant told TechCrunch it was investigating a “security incident” involving the unauthorized access to data belonging to an unnamed third-party. Chubb spokesperson Jeffrey Zack said the company had “no evidence” the incident affected Chubb’s own network and that its network “remains fully operational.”
But the spokesperson declined to comment further or answer any of our questions, including if its customers were affected.
Brett Callow, a threat analyst at security firm Emsisoft, first alerted TechCrunch to the breach on Thursday. According to Callow, the security incident was a data-stealing ransomware attack launched by the Maze ransomware group. Maze not only spreads across a network, infecting and encrypting every computer in its path, it also exfiltrates the data to the attackers’ servers where it is held for ransom. If a ransom isn’t paid, the attackers publish the files online.
In December, the FBI privately warned businesses of an increase in Maze-related ransomware incidents.
Callow said the attackers behind the incident posted a listing on their website claiming to have data stolen from Chubb in earlier in March. The listing included the names and email addresses of three senior executives, including CEO Evan Greenberg.
At the time of writing, the attackers have not yet published any of the stolen files.
Chubb is one of the largest cybersecurity providers in the United States, offering incident response services and covering companies from losses caused by data breaches. Target last year filed a $74 million lawsuit against Chubb after the retailer claimed the insurance carrier failed to properly compensate it for the costs incurred from its 2013 data breach involving the theft of 110 million customers’ data.