Asefa, a subsidiary of France’s largest mutual insurer SMABTP, has confirmed a significant cyber incident that disrupted part of its IT infrastructure. The breach follows claims by the Qilin ransomware syndicate that it has exfiltrated over 200 gigabytes of sensitive data from the company.
The cyberattack has brought attention to the growing cybersecurity vulnerabilities within the European insurance sector, particularly those with complex international operations. Qilin, known for targeting over 300 organizations globally in the past 12 months, has listed Asefa on its dark web leak portal. The stolen data purportedly includes internal corporate documents, financial receipts, legal agreements, passport scans, and details of a major insurance program related to FC Barcelona’s Camp Nou stadium redevelopment.
Impact and Response
Asefa has acknowledged the breach through a public notice on its website, which has since been taken offline for security reviews. The company expressed gratitude to clients for their patience and confirmed that staff had regained access to internal communication systems. However, full digital functionality remains suspended pending a comprehensive cybersecurity audit.
Researchers analyzing samples of the leaked files have warned of potential implications for identity theft, contractual fraud, and corporate espionage. The leak of documents related to high-profile clients such as FC Barcelona adds further reputational risk and could expose operational sensitivities if the data’s authenticity is confirmed.
Industry Context
SMABTP, founded in 1859 and headquartered in Paris, specializes in construction and liability coverage. It has expanded across Europe through acquisitions and partnerships, including its 1989 purchase of Asefa, which leads Spain’s construction defects insurance market. The incident highlights the growing threat posed by ransomware groups targeting firms with valuable infrastructure or industry-specific data.
The attack is likely to prompt regulators and clients to question how sensitive client data, especially related to strategic infrastructure projects, is secured. Insurers across Europe are expected to review their risk exposure and reassess their cyber insurance arrangements in response to this breach.
