Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Sedgwick cyberattack. Show all posts
TridentLocker ransomware
contractor breach Cyber Attacks Government ransomware data theft Sedgwick cyberattack TridentLocker ransomware

Sedgwick Confirms Cyberattack on Government Services Unit After TridentLocker Data Theft Claim

 

Sedgwick Claims Management Services Inc. has disclosed that a cyber incident affected one of its subsidiaries in late December, following claims by the TridentLocker ransomware group that it had exfiltrated sensitive company data.

The breach took place on Dec. 30 and involved Sedgwick Government Solutions Inc., a unit that delivers technology-driven claims and risk administration services to U.S. federal agencies.

In response, Sedgwick implemented standard incident containment measures, including isolating impacted systems, engaging external cybersecurity specialists to conduct forensic investigations, and notifying law enforcement authorities and relevant stakeholders.

According to the company, early findings suggest the intrusion was confined to a standalone file transfer system used by the subsidiary. Sedgwick emphasized that there is currently no indication that its primary corporate network or core claims management platforms were compromised.

Sedgwick Government Solutions works closely with several U.S. federal bodies, including the Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency. As the investigation progresses, Sedgwick has begun alerting individuals and organizations that may have been affected—a process expected to continue for several weeks as forensic analysis advances.

The company’s confirmation follows assertions from the TridentLocker ransomware group, which claims to have obtained roughly 3.4 gigabytes of data and has threatened to release the information publicly if its demands are not satisfied.

TridentLocker operates using a data extortion strategy that prioritizes stealing and leaking data instead of encrypting victims’ systems.

“TridentLocker hitting a federal contractor serving DHS, ICE, CBP and CISA on New Year’s Eve is a statement,” Michael Bell, founder and chief executive of cybersecurity solutions provider Suzu Labs, told SiliconANGLE via email. “This group only emerged in November and they’re already going after companies that handle sensitive government claims and risk management data. Federal contractors remain high-value targets because attackers know these companies often have less mature security programs than the agencies they serve.”

Bell further noted that Sedgwick’s emphasis on network segmentation is reassuring but cautioned against minimizing the impact. He added that Sedgwick’s response about network segmentation “is what you want to hear, but 3.4 gigabytes from a file transfer system is still meaningful. These systems are designed to move documents between contractors and the agencies they serve and the investigation will determine what was actually in those files.”
Read more »
Subscribe to: Comments (Atom)